[geeklog-cvs] geeklog-1.3/public_html article.php,1.60,1.61 comment.php,1.88,1.89
vinny at iowaoutdoors.org
vinny at iowaoutdoors.org
Thu Jan 27 23:49:12 EST 2005
Update of /var/cvs/geeklog-1.3/public_html
In directory www:/tmp/cvs-serv27642/public_html
Modified Files:
article.php comment.php
Log Message:
Checkin comment refactoring for plugins.
Index: comment.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/comment.php,v
retrieving revision 1.88
retrieving revision 1.89
diff -C2 -d -r1.88 -r1.89
*** comment.php 25 Jan 2005 04:04:15 -0000 1.88
--- comment.php 28 Jan 2005 04:49:09 -0000 1.89
***************
*** 9,13 ****
// | Let user comment on a story, poll, or plugin. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2004 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
--- 9,13 ----
// | Let user comment on a story, poll, or plugin. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2005 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony at tonybibbs.com |
***************
*** 15,19 ****
// | Jason Whittenburg - jwhitten at securitygeeks.com |
// | Dirk Haun - dirk at haun-online.de |
! // | Vincent Furia - vinny01 at users.sourceforge.net |
// +---------------------------------------------------------------------------+
// | |
--- 15,19 ----
// | Jason Whittenburg - jwhitten at securitygeeks.com |
// | Dirk Haun - dirk at haun-online.de |
! // | Vincent Furia - vinny01 AT users DOT sourceforge DOT net |
// +---------------------------------------------------------------------------+
// | |
***************
*** 42,45 ****
--- 42,46 ----
* @author Jason Whittenburg
* @author Tony Bibbs <tony at tonybibbs.com>
+ * @author Vincent Furia <vinny01 AT users DOT sourceforge DOT net>
*
*/
***************
*** 80,86 ****
}
! $ret .= CMT_saveComment ( strip_tags ($_POST['title']), $_POST['comment'],
! $sid, COM_applyFilter ($_POST['pid'], true), 'article',
! COM_applyFilter ($_POST['postmode']));
if ( $ret > 0 ) { // failure
--- 81,87 ----
}
! CMT_saveComment ( strip_tags ($_POST['title']), $_POST['comment'],
! $sid, COM_applyFilter ($_POST['pid'], true), 'article',
! COM_applyFilter ($_POST['postmode']));
if ( $ret > 0 ) { // failure
***************
*** 105,111 ****
}
! $ret .= CMT_saveComment (strip_tags ($_POST['title']), $_POST['comment'],
! $sid, COM_applyFilter ($_POST['pid'], true), 'poll',
! COM_applyFilter ($_POST['postmode']));
if ( $ret > 0 ) { // failure
--- 106,112 ----
}
! CMT_saveComment (strip_tags ($_POST['title']), $_POST['comment'],
! $sid, COM_applyFilter ($_POST['pid'], true), 'poll',
! COM_applyFilter ($_POST['postmode']));
if ( $ret > 0 ) { // failure
***************
*** 121,125 ****
default: // assume plugin
! if ( !($display = PLG_handlePluginComment($type, null, 'save')) ) {
$display = COM_refresh ($_CONF['site_url'] . '/index.php');
}
--- 122,128 ----
default: // assume plugin
! if ( !($display = PLG_commentSave($type, strip_tags ($_POST['title']),
! $_POST['comment'], $sid, COM_applyFilter ($_POST['pid'], true),
! COM_applyFilter ($_POST['postmode']))) ) {
$display = COM_refresh ($_CONF['site_url'] . '/index.php');
}
***************
*** 151,155 ****
$A['group_id'], $A['perm_owner'], $A['perm_group'],
$A['perm_members'], $A['perm_anon']) == 3) {
! $ret .= CMT_deleteComment(COM_applyFilter($_REQUEST['cid'], true), $sid, 'article');
$comments = DB_count ($_TABLES['comments'], 'sid', $sid);
DB_change ($_TABLES['stories'], 'comments', $comments,
--- 154,158 ----
$A['group_id'], $A['perm_owner'], $A['perm_group'],
$A['perm_members'], $A['perm_anon']) == 3) {
! CMT_deleteComment(COM_applyFilter($_REQUEST['cid'], true), $sid, 'article');
$comments = DB_count ($_TABLES['comments'], 'sid', $sid);
DB_change ($_TABLES['stories'], 'comments', $comments,
***************
*** 172,176 ****
$A['group_id'], $A['perm_owner'], $A['perm_group'],
$A['perm_members'], $A['perm_anon']) == 3) {
! $ret .= CMT_deleteComment(COM_applyFilter($_REQUEST['cid'], true), $sid, 'poll');
$display .= COM_refresh ($_CONF['site_url'] . "/pollbooth.php?qid=$sid&aid=-1");
} else {
--- 175,179 ----
$A['group_id'], $A['perm_owner'], $A['perm_group'],
$A['perm_members'], $A['perm_anon']) == 3) {
! CMT_deleteComment(COM_applyFilter($_REQUEST['cid'], true), $sid, 'poll');
$display .= COM_refresh ($_CONF['site_url'] . "/pollbooth.php?qid=$sid&aid=-1");
} else {
***************
*** 182,187 ****
default: //assume plugin
! if ( !($display = PLG_handlePluginComment($type,
! COM_applyFilter($_REQUEST['cid'], true), 'delete')) ) {
$display = COM_refresh ($_CONF['site_url'] . '/index.php');
}
--- 185,190 ----
default: //assume plugin
! if ( !($display = PLG_commentDelete($type,
! COM_applyFilter($_REQUEST['cid'], true), $sid)) ) {
$display = COM_refresh ($_CONF['site_url'] . '/index.php');
}
***************
*** 192,199 ****
--- 195,294 ----
}
+ /**
+ * Hanldes a comment view request
+ *
+ * @copyright Vincent Furia 2005
+ * @author Vincent Furia <vinny01 AT users DOT sourceforge DOT net>
+ * @param boolean $view View or display (true for view)
+ * @return string HTML (possibly a refresh)
+ */
+ function handleView($view = true) {
+ global $_REQUEST, $_TABLES, $_USER, $_CONF;
+
+ if ($view) {
+ $cid = COM_applyFilter ($_REQUEST['cid'], true);
+ } else {
+ $cid = COM_applyFilter ($_REQUEST['pid'], true);
+ }
+
+ if ($cid <= 0) {
+ return COM_refresh($_CONF['site_url'] . '/index.php');
+ }
+
+ $sql = "SELECT sid, title, type FROM {$_TABLES['comments']} WHERE cid = $cid";
+ $A = DB_fetchArray( DB_query($sql) );
+ $sid = $A['sid'];
+ $title = $A['title'];
+ $type = $A['type'];
+
+ $format = COM_applyFilter ($_REQUEST['format']);
+ if ( $format != 'threaded' && $format != 'nested' && $format != 'flat' ) {
+ if ( $_USER['uid'] > 1 ) {
+ $format = DB_getItem( $_TABLES['usercomment'], 'commentmode',
+ "uid = {$_USER['uid']}" );
+ } else {
+ $format = $_CONF['comment_mode'];
+ }
+ }
+
+ switch ( $type ) {
+ case 'article':
+ $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (sid = '$sid') AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND') . COM_getTopicSQL ('AND'));
+ $A = DB_fetchArray ($result);
+ $allowed = $A['count'];
+
+ if ( $allowed == 1 ) {
+ $delete_option = ( SEC_hasRights( 'story.edit' ) &&
+ ( SEC_hasAccess( $A['owner_id'], $A['group_id'],
+ $A['perm_owner'], $A['perm_group'], $A['perm_members'],
+ $A['perm_anon'] ) == 3 ) );
+ $display .= CMT_userComments ($sid, $title, $type,
+ COM_applyFilter ($_REQUEST['order']), $format, $cid,
+ COM_applyFilter ($_REQUEST['page'], true), $view, $delete_option);
+ } else {
+ $display .= COM_startBlock ($LANG_ACCESS['accessdenied'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'))
+ . $LANG_ACCESS['storydenialmsg']
+ . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+ }
+ break;
+
+ case 'poll':
+ $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['pollquestions']} WHERE (qid = '$sid')" . COM_getPermSQL ('AND'));
+ $A = DB_fetchArray ($result);
+ $allowed = $A['count'];
+
+ if ( $allowed == 1 ) {
+ $delete_option = ( SEC_hasRights( 'poll.edit' ) &&
+ ( SEC_hasAccess( $A['owner_id'], $A['group_id'],
+ $A['perm_owner'], $A['perm_group'], $A['perm_members'],
+ $A['perm_anon'] ) == 3 ) );
+ $display .= CMT_userComments ($sid, $title, $type,
+ COM_applyFilter ($_REQUEST['order']), $format, $cid,
+ COM_applyFilter ($_REQUEST['page'], true), $view, $delete_option);
+ } else {
+ $display .= COM_startBlock ($LANG_ACCESS['accessdenied'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'))
+ . $LANG_ACCESS['storydenialmsg']
+ . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+ }
+ break;
+
+ default: // assume comment
+ if ( !($display = PLG_displayComment($type, $sid, $cid, $title,
+ COM_applyFilter ($_REQUEST['order']), $format,
+ COM_applyFilter ($_REQUEST['page'], true), $view)) ) {
+ return COM_refresh($_CONF['site_url'] . '/index.php');
+ }
+ break;
+ }
+
+ return COM_siteHeader() . $display . COM_siteFooter();
+ }
// MAIN
$display = '';
+ // If reply specified, force comment submission form
if (isset ($_REQUEST['reply'])) {
$_REQUEST['mode'] = '';
***************
*** 211,340 ****
case $LANG03[11]: // Submit Comment
! $display = handleSubmit(); // moved to function for readibility
break;
case 'delete':
! $display = handleDelete(); // moved to function for readibility
break;
case 'view':
! $cid = COM_applyFilter ($_REQUEST['cid'], true);
! if ($cid > 0) {
! $sql = "SELECT sid, title, type FROM {$_TABLES['comments']} WHERE cid = $cid";
! $A = DB_fetchArray( DB_query($sql) );
! $sid = $A['sid'];
! $title = $A['title'];
! $type = $A['type'];
! $allowed = 1;
! if ($type == 'article') {
! $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (sid = '$sid') AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND') . COM_getTopicSQL ('AND'));
! $A = DB_fetchArray ($result);
! $allowed = $A['count'];
! } else if ($type == 'poll') {
! $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['pollquestions']} WHERE (qid = '$sid')" . COM_getPermSQL ('AND'));
! $A = DB_fetchArray ($result);
! $allowed = $A['count'];
! }
! $display .= COM_siteHeader();
! if ($allowed == 1) {
! $format = COM_applyFilter ($_REQUEST['format']);
! if ( $format != 'threaded' && $format != 'nested' && $format != 'flat' ) {
! if ( $_USER['uid'] > 1 ) {
! $format = DB_getItem( $_TABLES['usercomment'], 'commentmode',
! "uid = {$_USER['uid']}" );
! } else {
! $format = $_CONF['comment_mode'];
! }
! }
! if ($type == 'poll' || $type == 'article') {
! if ( $type == 'poll' ) {
! $delete_option = SEC_hasRights( 'poll.edit' );
! } else {
! $delete_option = SEC_hasRights( 'story.edit' );
! }
! $delete_option = ( $delete_option &&
! SEC_hasAccess( $A['owner_id'], $A['group_id'],
! $A['perm_owner'], $A['perm_group'], $A['perm_members'],
! $A['perm_anon'] ) == 3 ? true : false );
! } else {
! $delete_option = false;
! }
! $display .= CMT_userComments ($sid, $title, $type,
! COM_applyFilter ($_REQUEST['order']), $format, $cid,
! COM_applyFilter ($_REQUEST['page'], true), true, $delete_option);
! } else {
! $display .= COM_startBlock ($LANG_ACCESS['accessdenied'], '',
! COM_getBlockTemplate ('_msg_block', 'header'))
! . $LANG_ACCESS['storydenialmsg']
! . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
! }
! $display .= COM_siteFooter();
! } else {
! $display .= COM_refresh($_CONF['site_url'] . '/index.php');
! }
break;
case 'display':
! $pid = COM_applyFilter ($_REQUEST['pid'], true);
! if ($pid > 0) {
! $sql = "SELECT sid, title, type FROM {$_TABLES['comments']} WHERE cid = $pid";
! $A = DB_fetchArray( DB_query($sql) );
! $sid = $A['sid'];
! $title = $A['title'];
! $type = $A['type'];
! $allowed = 1;
! if ($type == 'article') {
! $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (sid = '$sid') AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND') . COM_getTopicSQL ('AND'));
! $A = DB_fetchArray ($result);
! $allowed = $A['count'];
! } else if ($type == 'poll') {
! $result = DB_query ("SELECT COUNT(*) AS count FROM {$_TABLES['pollquestions']} WHERE (qid = '$sid')" . COM_getPermSQL ('AND'));
! $A = DB_fetchArray ($result);
! $allowed = $A['count'];
! }
! $display .= COM_siteHeader();
! if ($allowed == 1) {
! $format = COM_applyFilter ($_REQUEST['format']);
! if ( $format != 'threaded' && $format != 'nested' && $format != 'flat' ) {
! $format = 'threaded';
! }
! if ($type == 'poll' || $type == 'article') {
! if ( $type == 'poll' ) {
! $delete_option = SEC_hasRights( 'poll.edit' );
! } else {
! $delete_option = SEC_hasRights( 'story.edit' );
! }
! $delete_option = ( $delete_option &&
! SEC_hasAccess( $A['owner_id'], $A['group_id'],
! $A['perm_owner'], $A['perm_group'], $A['perm_members'],
! $A['perm_anon'] ) == 3 ? true : false );
! } else {
! $delete_option = false;
! }
! $display .= CMT_userComments ($sid, $title, $type,
! COM_applyFilter ($_REQUEST['order']), $format, $pid,
! COM_applyFilter ($_REQUEST['page'], true), false, $delete_option);
! } else {
! $display .= COM_startBlock ($LANG_ACCESS['accessdenied'], '',
! COM_getBlockTemplate ('_msg_block', 'header'))
! . $LANG_ACCESS['storydenialmsg']
! . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
! }
! $display .= COM_siteFooter();
! } else {
! $display .= COM_refresh($_CONF['site_url'] . '/index.php');
! }
break;
case 'report':
! $display = COM_siteHeader ('menu')
! . CMT_reportAbusiveComment (COM_applyFilter ($_GET['cid'], true),
! COM_applyFilter ($_GET['type']))
! . COM_siteFooter ();
break;
case 'sendreport':
! $display = CMT_sendReport (COM_applyFilter ($_POST['cid'], true),
! COM_applyFilter ($_POST['type']));
break;
--- 306,334 ----
case $LANG03[11]: // Submit Comment
! $display .= handleSubmit(); // moved to function for readibility
break;
case 'delete':
! $display .= handleDelete(); // moved to function for readibility
break;
case 'view':
! $display .= handleView(true); // moved to function for readibility
break;
case 'display':
! $display .= handleView(false); // moved to function for readibility
break;
case 'report':
! $display .= COM_siteHeader ('menu')
! . CMT_reportAbusiveComment (COM_applyFilter ($_GET['cid'], true),
! COM_applyFilter ($_GET['type']))
! . COM_siteFooter ();
break;
case 'sendreport':
! $display .= CMT_sendReport (COM_applyFilter ($_POST['cid'], true),
! COM_applyFilter ($_POST['type']));
break;
Index: article.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/article.php,v
retrieving revision 1.60
retrieving revision 1.61
diff -C2 -d -r1.60 -r1.61
*** article.php 25 Jan 2005 04:04:14 -0000 1.60
--- article.php 28 Jan 2005 04:49:09 -0000 1.61
***************
*** 14,17 ****
--- 14,18 ----
// | Jason Whittenburg - jwhitten AT securitygeeks DOT com |
// | Dirk Haun - dirk AT haun-online DOT de |
+ // | Vincent Furia - vinny01 AT users DOT sourceforge DOT net |
// +---------------------------------------------------------------------------+
// | |
***************
*** 40,43 ****
--- 41,45 ----
* @author Jason Whittenburg
* @author Tony Bibbbs <tony at tonybibbs.com>
+ * @author Vincent Furia <vinny01 AT users DOT sourceforge DOT net>
*/
More information about the geeklog-cvs
mailing list