Context Navigation

← Previous Change
Next Change →

Changeset 156 for trunk/admin

Timestamp:

05/09/06 00:12:50 (3 years ago)

Author:

michiel

Message:

Implemented users for a blog.
Authors can now decide to turn of anonymous comments.
This is a global setting. When activated authors can
choose per post wether anon comments are allowed.
This is disabled by default so only logged in users
can comment.

This patch includes a database update

Re #60

Files:

: 1 modified

trunk/admin/index.php (modified) (11 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/admin/index.php

r155	r156
167	167	global $db;
168	168	if ($id==0) {
169		$post["id"] = 0;
170		$post["title"] = "post title";
171		$post["body"] = "post body";
172		$post["date"] = mktime();
173		$post["categories_id"] = 0;
174		$post["active"] = 1;
175		$post["public"] = 1;
176		$post["mail_comments"] = 1;
	169	$post["id"] = 0;
	170	$post["title"] = "post title";
	171	$post["body"] = "post body";
	172	$post["date"] = mktime();
	173	$post["categories_id"] = 0;
	174	$post["active"] = 1;
	175	$post["public"] = 1;
	176	$post["mail_comments"] = 1;
	177	$post["allowanoncomments"] = 0;
177	178	} else {
178	179	$res =& $db->query(sprintf("SELECT * FROM articles WHERE id = %d", $id));
…	…
272	273	<span class="log_author">public: <input type="checkbox" value="1" name="post[public]" <? if ($post["public"]) { echo "checked=\"checked\""; } ?> /></span>
273	274	<span class="log_author">aside: <input type="checkbox" value="1" name="post[aside]" <? if ($post["aside"]) { echo "checked=\"checked\""; } ?> /></span>
	275	<span class="log_author">anoncomments: <input type="checkbox" value="1" name="post[allowanoncomments]" <? if ($post["allowanoncomments"]) { echo "checked=\"checked\""; } ?> /></span>
274	276	</div>
275	277	</div>
…	…
290	292	$r =& $db->query($sql);
291	293	$r->fetchInto($orig_post, DB_FETCHMODE_ASSOC);
292		$query = sprintf("UPDATE articles SET title = '%s', body = '%s', categories_id = %d, active = %d, public = %d, aside = %d, mail_comments = %d",
	294	$query = sprintf("UPDATE articles SET title = '%s', body = '%s', categories_id = %d, active = %d, public = %d, aside = %d, mail_comments = %d, allowanoncomments = %d",
293	295	preg_quote(strip_tags($post["title"]), "'"),
294	296	preg_quote(_strip_tags($post["body"]), "'"),
…	…
297	299	$post["public"],
298	300	$post["aside"],
299		$post["mail_comments"]
	301	$post["mail_comments"],
	302	$post["allowanoncomments"]
300	303	);
301	304	//if post was inactive, and now it's active, we don't update the "modified" fields in the database.
…	…
313	316	$query .= sprintf(" WHERE id = %d", $post["id"]);
314	317	} else {
315		$query = "INSERT INTO articles (title, body, authors_id, categories_id, date, active, public, aside, mail_comments, ping_sent, tb_uri)";
316		$query .= sprintf("VALUES ('%s', '%s', %d, %d, %d, %d, %d, %d, %d, %d, '%s')",
	318	$query = "INSERT INTO articles (title, body, authors_id, categories_id, date, active, public, aside, mail_comments, ping_sent, tb_uri, allowanoncomments)";
	319	$query .= sprintf("VALUES ('%s', '%s', %d, %d, %d, %d, %d, %d, %d, %d, '%s', %d)",
317	320	preg_quote(strip_tags($post["title"]), "'"),
318	321	preg_quote(_strip_tags($post["body"]), "'"),
…	…
321	324	mktime(date("H"), date("i"), date("s"), $post["month"], $post["day"], $post["year"]),
322	325	$post["active"], $post["public"], $post["aside"], $post["mail_comments"], 0,
323		preg_quote($post["tb_uri"], "'")
	326	preg_quote($post["tb_uri"], "'"), $post["allowanoncomments"]
324	327	);
325	328	}
…	…
787	790	}
788	791	}
789
	792	//}}}------------------------------------
	793	//{{{ show_users(); Show registered users
	794	//---------------------------------------
	795	function show_users() {
	796	global $db;
	797	$res =& $db->query("SELECT * FROM blog_users ORDER BY username");
	798	if (PEAR::isError($res)) {
	799	die($res->getMessage());
	800	}
	801
	802	?><a href="./index.php?action=edit_author&id=0">create new</a><?
	803	while ($res->fetchInto($row, DB_FETCHMODE_ASSOC)) {
	804	?>
	805	<div class="log_post">
	806	<div class="log_head">
	807	<span class="log_subject">
	808
	809	<a href="?action=edit_user&id=<?=$row["id"]?>">
	810	<?=stripslashes($row["realname"])?>
	811	<? if ($row["active"]) { ?>
	812	(active)
	813	<? } else { ?>
	814	(inactive)
	815	<? } ?>
	816	</a>
	817	<span class="log_cat">
	818	loginname: <?=stripslashes($row["username"])?>
	819	</span>
	820	</span>
	821	</div>
	822	<div class="log_foot">
	823	</div>
	824	</div>
	825	<?
	826	}
	827
	828	}
	829	//}}}-------------------------------------------------
	830	//{{{ edit_user($userid): show form to manipulate user
	831	//----------------------------------------------------
	832	function edit_user($userid) {
	833	global $db;
	834	if ($userid==0) {
	835	$user["id"] = 0;
	836	$user["username"] = "login";
	837	$user["password"] = "";
	838	$user["email"] = "";
	839	$user["realname"] = "";
	840	$user["active"] = 1;
	841	$user["website"] = "http://";
	842	} else {
	843	$res =& $db->query(sprintf("SELECT * FROM blog_users WHERE id = %d", $userid));
	844	if (PEAR::isError($res)) {
	845	die($res->getMessage());
	846	}
	847	$res->fetchInto($user, DB_FETCHMODE_ASSOC);
	848	}
	849	if ($_REQUEST["error"]) {
	850	echo "<font color=\"red\">".stripslashes(_strip_tags($_REQUEST["error"]))."</font>";
	851	}
	852	?>
	853	<form name="user" method="post" action="index.php">
	854	<input type="hidden" name="action" value="save_user" />
	855	<input type="hidden" name="user[id]" value="<?=$user["id"]?>" />
	856	<input type="hidden" id="active" name="user[active]" value="<?=$user["active"]?>" />
	857	<div class="log_post">
	858	<div class="log_head">
	859	<span class="log_subject">
	860	<? if ($userid) { ?>
	861	<?=stripslashes($user["username"])?>
	862	<? } else { ?>
	863	login: <input type="text" name="user[username]" value="<?=stripslashes($user["username"])?>" />
	864	<? } ?>
	865	</span>
	866	</div>
	867	<div class="log_body">
	868	<span class="log_contents">
	869	<table border="0" cellspacing="0" cellpadding="0"><tr>
	870	<td align="right">password:</td>
	871	<td><input type="password" name="user[password]" /></td>
	872	</tr><tr>
	873	<td align="right">password(repeat):</td>
	874	<td><input type="password" name="user[password1]" /></td>
	875	</tr><tr>
	876	<td align="right">email:</td>
	877	<td><input type="text" name="user[email]" value="<?=stripslashes($user["email"])?>" /></td>
	878	</tr><tr>
	879	<td align="right">website:</td>
	880	<td><input type="text" name="user[website]" value="<?=stripslashes($user["website"])?>" /></td>
	881	</tr><tr>
	882	<td align="right">full name: </td>
	883	<td><input type="text" name="user[realname]" value="<?=stripslashes($user["realname"])?>" /></td>
	884	</tr></table>
	885	</span>
	886	<input type="submit" value="save" />
	887	<? if ($userid) { ?>
	888	<? if ($user["active"]) { ?>
	889	<input type="button" value="disable" onClick="document.forms.user.active.value=0;document.forms.user.action.value='save_user';document.forms.user.submit();" />
	890	<? } else { ?>
	891	<input type="button" value="enable" onClick="document.forms.user.active.value=1;document.forms.user.action.value='save_user';document.forms.user.submit();" />
	892	<? } ?>
	893	<input type="button" value="delete" onclick="del_user();" />
	894	<? } ?>
	895	</div>
	896	<div class="log_foot">
	897	<script language="Javascript1.2" type="text/javascript">
	898	function del_user() {
	899	if (confirm('Are you sure you want to delete this user')) {
	900	document.forms.user.action.value='delete_user';
	901	document.forms.user.submit();
	902	}
	903	}
	904	</script>
	905	</div>
	906	</div>
	907	</form>
	908	<?
	909	}
	910	//}}}-----------------------------------------------------
	911	//{{{ save_user($user): store new/altered user in database
	912	//--------------------------------------------------------
	913	function save_user($user) {
	914	global $db;
	915	if ($user["password"] && $user["password1"]) {
	916	if ($user["password"] != $user["password1"]) {
	917	$error = "Passwords don't match. Please correct this error and try again.";
	918	}
	919	}
	920	//make sure we are not inserting double loginnames
	921	if (!$user["id"]) {
	922	$res =& $db->query("SELECT COUNT(*) FROM blog_users WHERE username='".$user["username"]."'");
	923	$res->fetchInto($count);
	924	if ($count[0]) {
	925	$error = "Login already excists. Please correct this error and try again.";
	926	}
	927	}
	928	if (!$error) {
	929	if ($user["id"]) {
	930	$query = sprintf("UPDATE blog_users SET realname = '%s', email = '%s', website = '%s', active = %d",
	931	preg_quote(strip_tags($user["realname"]), "'"),
	932	preg_quote(strip_tags($user["email"]), "'"),
	933	preg_quote(strip_tags($user["website"]), "'"),
	934	$user["active"]
	935	);
	936	if (trim($user["password"])) {
	937	$query .= sprintf(", password = '%s'", trim(preg_quote(strip_tags($user["password"]), "'")));
	938	}
	939	$query .= sprintf(" WHERE id = %d", $user["id"]);
	940	} else {
	941	$query = sprintf("INSERT INTO blog_users (password, realname, email, website, username, active) VALUES ('%s', '%s', '%s', '%s', '%s', %d)",
	942	preg_quote(strip_tags(trim($user["password"])), "'"),
	943	preg_quote(strip_tags($user["realname"]), "'"),
	944	preg_quote(strip_tags($user["email"]), "'"),
	945	preg_quote(strip_tags($user["website"]), "'"),
	946	preg_quote(strip_tags($user["username"]), "'"),
	947	$user["active"]
	948	);
	949	}
	950	$res =& $db->query($query);
	951	if (PEAR::isError($res)) {
	952	die($res->getUserInfo());
	953	}
	954	header("Location: index.php?action=show_users");
	955	} else {
	956	header("Location: index.php?action=edit_user&id=".$user["id"]."&error=$error");
	957	}
	958	}
	959	//}}}------------------------------------------------
	960	//{{{ delete_user($userid): remove user from database
	961	//---------------------------------------------------
	962	function delete_user($userid) {
	963	$userid = sprintf("%d", $userid);
	964	if ($userid > 0) {
	965	/* check if user is in database */
	966	$sql = sprintf("SELECT COUNT(*) FROM blog_users WHERE id = %d", $userid);
	967	$res =& $GLOBALS["db"]->query($sql);
	968	$res->fetchInto($row);
	969	if ($row[0] > 0) {
	970	$sql = sprintf("DELETE FROM blog_users WHERE id = %d", $userid);
	971	$res = $GLOBALS["db"]->query($sql);
	972	}
	973	}
	974	header("Location: index.php?action=show_users");
	975	}
790	976	//}}}---------------------------------------
791	977	//{{{ show_settings(); show the blogsettings
…	…
831	1017	<option value="75"<? if ($settings["postsperpage"] == 75) { echo " SELECTED"; } ?>>75</option>
832	1018	<option value="100"<? if ($settings["postsperpage"] == 100) { echo " SELECTED"; } ?>>100</option>
	1019	</select>
	1020	</td>
	1021	</tr><tr>
	1022	<td>enable anonymous comments</td>
	1023	<td>
	1024	<select name="settings[allowanoncomments]">
	1025	<option value="0">no</option>
	1026	<option value="1"<? if ($settings["allowanoncomments"] == 1) { echo " SELECTED"; } ?>>yes</option>
833	1027	</select>
834	1028	</td>
…	…
1068	1262	//-----------------------------------------------------------
1069	1263	function delete_comment($id) {
1070		$sql = sprintf("~~UPDATE comments set deleted = %d WHERE id = %d", mktime()~~, $id);
	1264	$sql = sprintf("DELETE FROM comments WHERE id = %d", $id);
1071	1265	$res = $GLOBALS["db"]->query($sql);
1072	1266	header("Location: index.php?action=show_comments");
…	…
1179	1373	<a class="if_menu_item<? if ($_REQUEST["action"] == "show_cats") { echo "_act"; } ?>" href="./index.php?action=show_cats">categories</a>
1180	1374	<a class="if_menu_item<? if ($_REQUEST["action"] == "show_authors") { echo "_act"; } ?>" href="./index.php?action=show_authors">authors</a>
	1375	<a class="if_menu_item<? if ($_REQUEST["action"] == "show_users") { echo "_act"; } ?>" href="./index.php?action=show_users">users</a>
1181	1376	<a class="if_menu_item<? if ($_REQUEST["action"] == "show_posts") { echo "_act"; } ?>" href="./index.php?action=show_posts">posts</a>
1182	1377	<a class="if_menu_item<? if ($_REQUEST["action"] == "show_comments") { echo "_act"; } ?>" href="./index.php?action=show_comments">comments</a>
…	…
1208	1403	case "edit_author" : edit_author($_REQUEST["id"]); break;
1209	1404	case "save_author" : save_author($_POST["author"]); break;
	1405	case "show_users" : show_users(); break;
	1406	case "edit_user" : edit_user($_REQUEST["id"]); break;
	1407	case "save_user" : save_user($_POST["user"]); break;
	1408	case "delete_user" : delete_user($_REQUEST["user"]["id"]); break;
1210	1409	case "show_settings" : show_settings(); break;
1211	1410	case "save_settings" : save_settings($_POST["settings"]); break;

Context Navigation

Changeset 156 for trunk/admin

Legend:

trunk/admin/index.php

Download in other formats: