Allow logged in users to see their private articles and STRs.

Allow logged in users to modify their articles (sets is_published to 0).

Send article notification emails to admin address.

Fix LOGIN_foo globals in auth.php (didn't declare as global everywhere)

Tweek background colors for softer appearance.

Add PHP_URL global for full URL to pages.

Fix notification emails to use the full URL.
This commit is contained in:
Michael R Sweet 2004-05-19 21:17:47 +00:00
parent 6a062afd64
commit 8c31377933
7 changed files with 271 additions and 115 deletions

View File

@ -1,9 +1,13 @@
<?php <?php
// //
// "$Id: articles.php,v 1.9 2004/05/19 16:34:54 mike Exp $" // "$Id: articles.php,v 1.10 2004/05/19 21:17:47 mike Exp $"
// //
// Web form for the article table... // Web form for the article table...
// //
// Contents:
//
// notify_users() - Notify users of new/updated articles...
//
// //
@ -14,6 +18,34 @@ include_once "phplib/html.php";
include_once "phplib/common.php"; include_once "phplib/common.php";
//
// 'notify_users()' - Notify users of new/updated articles...
//
function
notify_users($id, // I - Article #
$what = "created") // I - Reason for notification
{
global $PHP_URL, $PROJECT_EMAIL, $PROJECT_NAME;
$result = db_query("SELECT * FROM article WHERE id = $id");
if (db_count($result) == 1)
{
$row = db_next($result);
mail($PROJECT_EMAIL, "$PROJECT_NAME Article #$id $what",
wordwrap("$row[create_user] has $what an article titled, "
."'$row[title]' with the following abstract:\n\n"
." $row[abstract]\n\n"
."Please approve or delete this article via the following "
."page:\n\n"
." $PHP_URL?L$id\n"),
"From: noreply@easysw.com\r\n");
}
}
// Get command-line options... // Get command-line options...
// //
// Usage: article.php [operation] [options] // Usage: article.php [operation] [options]
@ -56,7 +88,7 @@ if ($argc)
exit(); exit();
} }
if (($op == 'D' || $op == 'M' && $op != 'B') && $LOGIN_LEVEL < AUTH_DEVEL) if ($op == 'B' && $LOGIN_LEVEL < AUTH_DEVEL)
{ {
html_header("Article Error"); html_header("Article Error");
print("<p>You don't have permission to use command '$op'!\n"); print("<p>You don't have permission to use command '$op'!\n");
@ -64,6 +96,35 @@ if ($argc)
exit(); exit();
} }
if (($op == 'D' || $op == 'M') && $LOGIN_LEVEL < AUTH_DEVEL)
{
$result = db_query("SELECT * FROM article WHERE id = $id");
if (db_count($result) != 1)
{
db_free($result);
html_header("Article Error");
print("<p>Article #$id does not exist!\n");
html_footer();
exit();
}
$row = db_next($result);
if ($row['create_user'] != $LOGIN_USER &&
$row['create_user'] != $LOGIN_EMAIL)
{
db_free($result);
html_header("Article Error");
print("<p>You don't have permission to use command '$op'!\n");
html_footer();
exit();
}
db_free($result);
}
if ($op == 'N' && $id) if ($op == 'N' && $id)
{ {
html_header("Article Error"); html_header("Article Error");
@ -183,7 +244,7 @@ switch ($op)
."<p><table width='100%' cellpadding='5' cellspacing='0' border='0'>\n"); ."<p><table width='100%' cellpadding='5' cellspacing='0' border='0'>\n");
if (!$row['is_published']) if (!$row['is_published'])
print("<tr><th align='center' colspan='2'>This Article is " print("<tr><th align='center' colspan='2'>This article is "
."currently hidden from public view.</td></tr>\n"); ."currently hidden from public view.</td></tr>\n");
$temp = htmlspecialchars($row["title"]); $temp = htmlspecialchars($row["title"]);
@ -215,17 +276,22 @@ switch ($op)
exit(); exit();
} }
$row = db_next($result); $row = db_next($result);
$title = htmlspecialchars($row['title']); $title = htmlspecialchars($row['title']);
$contents = format_text($row['contents']); $abstract = htmlspecialchars($row['abstract']);
$date = date("H:i M d, Y", $row['modify_date']); $contents = format_text($row['contents']);
$create_user = sanitize_email($row['create_user']);
$date = date("H:i M d, Y", $row['modify_date']);
html_header("Article #$id: $title"); html_header("Article #$id: $title");
html_start_links(1); html_start_links(1);
html_link("Return to Articles", "$PHP_SELF?L$options"); html_link("Return to Articles", "$PHP_SELF?L$options");
html_link("Show Comments", "#_USER_COMMENTS"); html_link("Show Comments", "#_USER_COMMENTS");
if ($LOGIN_LEVEL >= AUTH_DEVEL) html_link("Submit Comment", "comment.php?r0+particles.php_L$id");
if ($LOGIN_LEVEL >= AUTH_DEVEL ||
$row['create_user'] == $LOGIN_USER)
{ {
html_link("Modify Article</A>", "$PHP_SELF?M$id$options"); html_link("Modify Article</A>", "$PHP_SELF?M$id$options");
html_link("Delete Article</A>", "$PHP_SELF?D$id$options"); html_link("Delete Article</A>", "$PHP_SELF?D$id$options");
@ -233,21 +299,23 @@ switch ($op)
html_end_links(); html_end_links();
if (!$row['is_published']) if (!$row['is_published'])
print("<p align='center'>This Article is currently hidden from " print("<p align='center'><b>This article is currently hidden from "
."public view.</p>\n"); ."public view.</b></p>\n");
print("<h1>Article #$id: $title</h1>\n" print("<h1>Article #$id: $title</h1>\n"
."<p><i>$date</i></p>\n" ."<p><i>$date by $create_user</i><br />$abstract</p>\n"
."$contents\n"); ."<hr noshade/>\n"
."$contents\n"
."<hr noshade/>\n"
."<h2><a name='_USER_COMMENTS'>Comments</a></h2>\n");
db_free($result); html_start_links();
html_link("Submit Comment", "comment.php?r0+particles.php_L$id");
print("<hr noshade/>\n" html_end_links();
."<h2><a name='_USER_COMMENTS'>Comments</a> "
."[&nbsp;<a href='comment.php?r0+particles.php_L$id'>"
."Add&nbsp;Comment</a>&nbsp;]</h2>\n");
show_comments("articles.php_L$id"); show_comments("articles.php_L$id");
db_free($result);
} }
else else
{ {
@ -271,7 +339,8 @@ switch ($op)
if ($LOGIN_LEVEL < AUTH_DEVEL) if ($LOGIN_LEVEL < AUTH_DEVEL)
{ {
$query .= "${prefix}is_published = 1"; $query .= "${prefix}(is_published = 1 OR create_user = '"
. db_escape($LOGIN_USER) . "')";
$prefix = " AND "; $prefix = " AND ";
} }
@ -451,6 +520,9 @@ switch ($op)
print("</td></tr>\n"); print("</td></tr>\n");
print("</table></p>\n"); print("</table></p>\n");
} }
print("<p><img src='images/private.gif' width='16' height='16' "
."align='middle' alt='private'/> = hidden from public view</p>\n");
} }
html_footer(); html_footer();
@ -459,7 +531,9 @@ switch ($op)
case 'M' : // Modify Article case 'M' : // Modify Article
if ($REQUEST_METHOD == "POST") if ($REQUEST_METHOD == "POST")
{ {
if (array_key_exists("IS_PUBLISHED", $_POST)) if ($LOGIN_LEVEL < AUTH_DEVEL)
$is_published = 0;
else if (array_key_exists("IS_PUBLISHED", $_POST))
$is_published = (int)$_POST["IS_PUBLISHED"]; $is_published = (int)$_POST["IS_PUBLISHED"];
else else
$is_published = 0; $is_published = 0;
@ -523,6 +597,9 @@ switch ($op)
."modify_user = '$LOGIN_USER' " ."modify_user = '$LOGIN_USER' "
."WHERE id = $id"); ."WHERE id = $id");
if (!$is_published)
notify_users($id, "modified");
header("Location: $PHP_SELF?L$id$options"); header("Location: $PHP_SELF?L$id$options");
} }
else else
@ -536,31 +613,69 @@ switch ($op)
print("<h1>Modify Article #$id</h1>\n"); print("<h1>Modify Article #$id</h1>\n");
if ($REQUEST_METHOD == "POST")
{
print("<p><b>Error:</b> Please fill in the fields marked in "
."<b><font color='red'>bold red</font></b> below and resubmit "
."your article.</p><hr noshade/>\n");
$hstart = "<font color='red'>";
$hend = "</font>";
}
else
{
$hstart = "";
$hend = "";
}
print("<form method='post' action='$PHP_SELF?M$id$options'>" print("<form method='post' action='$PHP_SELF?M$id$options'>"
."<p><table width='100%' cellpadding='5' cellspacing='0' border='0'>\n"); ."<p><table width='100%' cellpadding='5' cellspacing='0' border='0'>\n");
print("<tr><th align='right'>Published:</th><td>"); if ($LOGIN_LEVEL >= AUTH_DEVEL)
select_is_published($is_published); {
print("</td></tr>\n"); print("<tr><th align='right'>Published:</th><td>");
select_is_published($is_published);
print("</td></tr>\n");
}
else
print("<input type='hidden' name='IS_PUBLISHED' value='0'/>\n");
$temp = htmlspecialchars($title, ENT_QUOTES); $title = htmlspecialchars($title, ENT_QUOTES);
print("<tr><th align='right'>Title:</th>"
."<td><input type='text' name='TITLE' "
."value='$temp' size='40'></td></tr>\n");
$temp = htmlspecialchars($abstract, ENT_QUOTES); if ($title == "")
print("<tr><th align='right'>Abstract:</th>" print("<tr><th align='right'>${hstart}Title:${hend}</th>");
."<td><input type='text' name='ABSTRACT' " else
."value='$temp' size='40'></td></tr>\n"); print("<tr><th align='right'>Title:</th>");
print("<td><input type='text' name='TITLE' "
."size='80' value='$title'/></td></tr>\n");
$temp = htmlspecialchars($contents, ENT_QUOTES); $abstract = htmlspecialchars($abstract, ENT_QUOTES);
print("<tr><th align='right' valign='top'>Contents:</th>"
."<td><textarea name='CONTENTS' " if ($abstract == "")
print("<tr><th align='right'>${hstart}Abstract:${hend}</th>");
else
print("<tr><th align='right'>Abstract:</th>");
print("<td><input type='text' name='ABSTRACT' "
."size='80' value='$abstract'/></td></tr>\n");
$contents = htmlspecialchars($contents, ENT_QUOTES);
if ($contents == "")
print("<tr><th align='right' valign='top'>${hstart}Contents:${hend}</th>");
else
print("<tr><th align='right' valign='top'>Contents:</th>");
print("<td><textarea name='CONTENTS' "
."cols='80' rows='10' wrap='virtual'>" ."cols='80' rows='10' wrap='virtual'>"
."$temp</textarea></td></tr>\n"); ."$contents</textarea>\n"
."<p>The contents of the article may contain the following "
."HTML elements: <tt>A</tt>, <tt>B</tt>, <tt>BLOCKQUOTE</tt>, "
."<tt>CODE</tt>, <tt>EM</tt>, <tt>H1</tt>, <tt>H2</tt>, "
."<tt>H3</tt>, <tt>H4</tt>, <tt>H5</tt>, <tt>H6</tt>, <tt>I</tt>, "
."<tt>IMG</tt>, <tt>LI</tt>, <tt>OL</tt>, <tt>P</tt>, <tt>PRE</tt>, "
."<tt>TT</tt>, <tt>U</tt>, <tt>UL</tt></p></td></tr>\n");
print("<tr><th colspan='2'>" print("<tr><th colspan='2'>"
."<input type='submit' value='Update Article'></th></tr>\n"); ."<input type='submit' value='Motify Article'/></th></tr>\n");
print("</table></p></form>\n"); print("</table></p></form>\n");
html_footer(); html_footer();
@ -592,13 +707,16 @@ switch ($op)
else else
$contents = ""; $contents = "";
if (array_key_exists("CREATE_USER", $_POST)) if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL)
$create_user = $LOGIN_USER;
else if (array_key_exists("CREATE_USER", $_POST))
$create_user = $_POST["CREATE_USER"]; $create_user = $_POST["CREATE_USER"];
else else
$create_user = ""; $create_user = "";
if (($is_published == 0 || $LOGIN_LEVEL >= AUTH_DEVEL) && if (($is_published == 0 || $LOGIN_LEVEL >= AUTH_DEVEL) &&
$title != "" && $abstract != "" && $contents != "") $title != "" && $abstract != "" && $contents != "" &&
$create_user != "")
$havedata = 1; $havedata = 1;
else else
$havedata = 0; $havedata = 0;
@ -610,7 +728,9 @@ switch ($op)
$abstract = ""; $abstract = "";
$contents = ""; $contents = "";
if (array_key_exists("FROM", $_COOKIE)) if ($LOGIN_USER != "")
$create_user = $LOGIN_USER;
else if (array_key_exists("FROM", $_COOKIE))
$create_user = $_COOKIE["FROM"]; $create_user = $_COOKIE["FROM"];
else else
$create_user = ""; $create_user = "";
@ -632,6 +752,9 @@ switch ($op)
$id = db_insert_id(); $id = db_insert_id();
if (!$is_published)
notify_users($id);
header("Location: $PHP_SELF?L$id$options"); header("Location: $PHP_SELF?L$id$options");
break; break;
} }
@ -656,10 +779,10 @@ switch ($op)
else else
{ {
print("<p>Please use this form to post announcements, how-to's, " print("<p>Please use this form to post announcements, how-to's, "
."examples, and case studies showing how you use $PROJECT. " ."examples, and case studies showing how you use $PROJECT_NAME. "
."We will proofread your article, and if we determine it is " ."We will proofread your article, and if we determine it is "
."appropriate for the site, we will make the article public " ."appropriate for the site, we will make the article public "
."on the site. <i>Thank you</i> for supporting $PROJECT!</p>\n" ."on the site. <i>Thank you</i> for supporting $PROJECT_NAME!</p>\n"
."<hr noshade/>\n"); ."<hr noshade/>\n");
$hstart = ""; $hstart = "";
@ -685,7 +808,7 @@ switch ($op)
else else
print("<tr><th align='right'>Title:</th>"); print("<tr><th align='right'>Title:</th>");
print("<td><input type='text' name='TITLE' " print("<td><input type='text' name='TITLE' "
."size='40' value='$title'></td></tr>\n"); ."size='80' value='$title'/></td></tr>\n");
$abstract = htmlspecialchars($abstract, ENT_QUOTES); $abstract = htmlspecialchars($abstract, ENT_QUOTES);
@ -694,7 +817,7 @@ switch ($op)
else else
print("<tr><th align='right'>Abstract:</th>"); print("<tr><th align='right'>Abstract:</th>");
print("<td><input type='text' name='ABSTRACT' " print("<td><input type='text' name='ABSTRACT' "
."size='40' value='$abstract'></td></tr>\n"); ."size='80' value='$abstract'/></td></tr>\n");
$create_user = htmlspecialchars($create_user, ENT_QUOTES); $create_user = htmlspecialchars($create_user, ENT_QUOTES);
@ -702,8 +825,13 @@ switch ($op)
print("<tr><th align='right'>${hstart}Author:${hend}</th>"); print("<tr><th align='right'>${hstart}Author:${hend}</th>");
else else
print("<tr><th align='right'>Author:</th>"); print("<tr><th align='right'>Author:</th>");
print("<td><input type='text' name='CREATE_USER' "
."size='40' value='$create_user'></td></tr>\n"); if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL)
print("<td><input type='hidden' name='CREATE_USER' "
."value='$create_user'/>$create_user</td></tr>\n");
else
print("<td><input type='text' name='CREATE_USER' "
."size='40' value='$create_user'/></td></tr>\n");
$contents = htmlspecialchars($contents, ENT_QUOTES); $contents = htmlspecialchars($contents, ENT_QUOTES);
@ -722,7 +850,7 @@ switch ($op)
."<tt>TT</tt>, <tt>U</tt>, <tt>UL</tt></p></td></tr>\n"); ."<tt>TT</tt>, <tt>U</tt>, <tt>UL</tt></p></td></tr>\n");
print("<tr><th colspan='2'>" print("<tr><th colspan='2'>"
."<input type='submit' value='Submit Article'></th></tr>\n"); ."<input type='submit' value='Submit Article'/></th></tr>\n");
print("</table></p></form>\n"); print("</table></p></form>\n");
html_footer(); html_footer();
@ -731,6 +859,6 @@ switch ($op)
// //
// End of "$Id: articles.php,v 1.9 2004/05/19 16:34:54 mike Exp $". // End of "$Id: articles.php,v 1.10 2004/05/19 21:17:47 mike Exp $".
// //
?> ?>

View File

@ -1,6 +1,6 @@
<?php <?php
// //
// "$Id: index.php,v 1.3 2004/05/19 14:02:38 mike Exp $" // "$Id: index.php,v 1.4 2004/05/19 21:17:47 mike Exp $"
// //
// Mini-XML home page... // Mini-XML home page...
// //
@ -62,11 +62,12 @@ else
{ {
while ($row = db_next($result)) while ($row = db_next($result))
{ {
$id = $row['id']; $id = $row['id'];
$title = htmlspecialchars($row['title'], ENT_QUOTES); $title = htmlspecialchars($row['title'], ENT_QUOTES);
$abstract = htmlspecialchars($row['abstract'], ENT_QUOTES); $abstract = htmlspecialchars($row['abstract'], ENT_QUOTES);
$date = date("H:i M d, Y", $row['modify_date']); $create_user = sanitize_email($row['create_user']);
$count = count_comments("articles.php_L$id"); $date = date("H:i M d, Y", $row['modify_date']);
$count = count_comments("articles.php_L$id");
if ($count == 1) if ($count == 1)
$count .= " comment"; $count .= " comment";
@ -74,7 +75,7 @@ else
$count .= " comments"; $count .= " comments";
print("<h3><a href='articles.php?L$id'>$title</a></h3>\n" print("<h3><a href='articles.php?L$id'>$title</a></h3>\n"
."<p><i>$date, $count</i><br />$abstract [&nbsp;" ."<p><i>$date by $create_user, $count</i><br />$abstract [&nbsp;"
."<a href='articles.php?L$id'>Read</a>&nbsp;]</p>\n"); ."<a href='articles.php?L$id'>Read</a>&nbsp;]</p>\n");
} }
} }
@ -87,6 +88,6 @@ print("</td></tr>\n"
html_footer(); html_footer();
// //
// End of "$Id: index.php,v 1.3 2004/05/19 14:02:38 mike Exp $". // End of "$Id: index.php,v 1.4 2004/05/19 21:17:47 mike Exp $".
// //
?> ?>

View File

@ -1,6 +1,6 @@
<? <?
// //
// "$Id: auth.php,v 1.6 2004/05/19 14:02:38 mike Exp $" // "$Id: auth.php,v 1.7 2004/05/19 21:17:47 mike Exp $"
// //
// Authentication functions for PHP pages... // Authentication functions for PHP pages...
// //
@ -33,6 +33,7 @@ define("AUTH_ADMIN", 100);
$LOGIN_LEVEL = 0; $LOGIN_LEVEL = 0;
$LOGIN_USER = ""; $LOGIN_USER = "";
$LOGIN_EMAIL = "";
auth_current(); auth_current();
@ -44,7 +45,7 @@ auth_current();
function // O - Current username or "" function // O - Current username or ""
auth_current() auth_current()
{ {
global $_COOKIE, $_SERVER, $LOGIN_LEVEL, $LOGIN_USER; global $_COOKIE, $_SERVER, $LOGIN_EMAIL, $LOGIN_LEVEL, $LOGIN_USER;
// See if the SID cookie is set; if not, the user is not logged in... // See if the SID cookie is set; if not, the user is not logged in...
@ -77,6 +78,7 @@ auth_current()
// Set globals... // Set globals...
$LOGIN_USER = $cookie[0]; $LOGIN_USER = $cookie[0];
$LOGIN_LEVEL = $row["level"]; $LOGIN_LEVEL = $row["level"];
$LOGIN_EMAIL = $row["email"];
$_COOKIE["FROM"] = $row["email"]; $_COOKIE["FROM"] = $row["email"];
// Return the current user... // Return the current user...
@ -96,7 +98,7 @@ function // O - Current username or ""
auth_login($name, // I - Username auth_login($name, // I - Username
$password) // I - Password $password) // I - Password
{ {
global $_COOKIE, $_SERVER, $LOGIN_USER; global $_COOKIE, $_SERVER, $LOGIN_EMAIL, $LOGIN_LEVEL, $LOGIN_USER;
// Reset the user... // Reset the user...
@ -117,6 +119,7 @@ auth_login($name, // I - Username
// Update the username and email... // Update the username and email...
$LOGIN_USER = $name; $LOGIN_USER = $name;
$LOGIN_LEVEL = $row["level"]; $LOGIN_LEVEL = $row["level"];
$LOGIN_EMAIL = $row["email"];
$_COOKIE["FROM"] = $row["email"]; $_COOKIE["FROM"] = $row["email"];
// Compute the session ID... // Compute the session ID...
@ -139,10 +142,11 @@ auth_login($name, // I - Username
function function
auth_logout() auth_logout()
{ {
global $LOGIN_USER; global $LOGIN_EMAIL, $LOGIN_LEVEL, $LOGIN_USER;
$LOGIN_USER = ""; $LOGIN_USER = "";
$LOGIN_EMAIL = "";
$LOGIN_LEVEL = 0; $LOGIN_LEVEL = 0;
setcookie("SID", "", time() + 90 * 86400, "/"); setcookie("SID", "", time() + 90 * 86400, "/");
@ -150,6 +154,6 @@ auth_logout()
// //
// End of "$Id: auth.php,v 1.6 2004/05/19 14:02:38 mike Exp $". // End of "$Id: auth.php,v 1.7 2004/05/19 21:17:47 mike Exp $".
// //
?> ?>

View File

@ -1,6 +1,6 @@
<? <?
// //
// "$Id: common.php,v 1.8 2004/05/19 16:34:54 mike Exp $" // "$Id: common.php,v 1.9 2004/05/19 21:17:47 mike Exp $"
// //
// Common utility functions for PHP pages... // Common utility functions for PHP pages...
// //
@ -88,13 +88,18 @@ count_comments($url, // I - URL for comment
{ {
$result = db_query("SELECT * FROM comment WHERE " $result = db_query("SELECT * FROM comment WHERE "
."url = '" . db_escape($url) ."' " ."url = '" . db_escape($url) ."' "
."AND status > 0 AND parent_id = $parent_id " ."AND parent_id = $parent_id "
."ORDER BY id"); ."ORDER BY id");
$num_comments = db_count($result); $num_comments = 0;
while ($row = db_next($result)) while ($row = db_next($result))
{
if ($row["status"] > 0)
$num_comments ++;
$num_comments += count_comments($url, $row['id']); $num_comments += count_comments($url, $row['id']);
}
db_free($result); db_free($result);
@ -577,7 +582,7 @@ show_comments($url, // I - URL for comment
$result = db_query("SELECT * FROM comment WHERE " $result = db_query("SELECT * FROM comment WHERE "
."url = '" . db_escape($url) ."' " ."url = '" . db_escape($url) ."' "
."AND status > 0 AND parent_id = $parent_id " ."AND parent_id = $parent_id "
."ORDER BY id"); ."ORDER BY id");
if (array_key_exists("MODPOINTS", $_COOKIE)) if (array_key_exists("MODPOINTS", $_COOKIE))
@ -593,42 +598,49 @@ show_comments($url, // I - URL for comment
$safeurl = urlencode($url); $safeurl = urlencode($url);
$num_comments = 0; $num_comments = 0;
$div = 0;
while ($row = db_next($result)) while ($row = db_next($result))
{ {
if ($heading > 3 && $num_comments == 0) if ($row["status"] > 0)
print("<div style='margin-left: 3em;'>\n");
$num_comments ++;
$create_date = date("H:i M d, Y", $row['create_date']);
$create_user = sanitize_email($row['create_user']);
$contents = format_text($row['contents']);
print("<h$heading><a name='_USER_COMMENT_$row[id]'>From</a> "
."$create_user, $create_date (score=$row[status])</h$heading>\n"
."$contents\n");
html_start_links();
html_link("Reply", "${path}comment.php?r$row[id]+p$safeurl");
if ($modpoints > 0)
{ {
if ($row['status'] > 0) if ($heading > 3 && !$div)
html_link("Moderate Down", "${path}comment.php?md$row[id]+p$safeurl"); {
print("<div style='margin-left: 3em;'>\n");
$div = 1;
}
if ($row['status'] < 5) $num_comments ++;
html_link("Moderate Up", "${path}comment.php?mu$row[id]+p$safeurl");
$create_date = date("H:i M d, Y", $row['create_date']);
$create_user = sanitize_email($row['create_user']);
$contents = format_text($row['contents']);
print("<h$heading><a name='_USER_COMMENT_$row[id]'>From</a> "
."$create_user, $create_date (score=$row[status])</h$heading>\n"
."$contents\n");
html_start_links();
html_link("Reply", "${path}comment.php?r$row[id]+p$safeurl");
if ($modpoints > 0)
{
if ($row['status'] > 0)
html_link("Moderate Down", "${path}comment.php?md$row[id]+p$safeurl");
if ($row['status'] < 5)
html_link("Moderate Up", "${path}comment.php?mu$row[id]+p$safeurl");
}
html_end_links();
} }
html_end_links();
$num_comments += show_comments($url, $path, $row['id'], $heading + 1); $num_comments += show_comments($url, $path, $row['id'], $heading + 1);
} }
db_free($result); db_free($result);
if ($num_comments > 0 && $heading > 3) if ($div)
print("</div>\n"); print("</div>\n");
return ($num_comments); return ($num_comments);
@ -636,6 +648,6 @@ show_comments($url, // I - URL for comment
// //
// End of "$Id: common.php,v 1.8 2004/05/19 16:34:54 mike Exp $". // End of "$Id: common.php,v 1.9 2004/05/19 21:17:47 mike Exp $".
// //
?> ?>

View File

@ -1,6 +1,6 @@
<?php <?php
// //
// "$Id: globals.php,v 1.3 2004/05/19 14:02:38 mike Exp $" // "$Id: globals.php,v 1.4 2004/05/19 21:17:47 mike Exp $"
// //
// Global PHP constants and variables... // Global PHP constants and variables...
// //
@ -11,8 +11,8 @@
// Global vars... // Global vars...
// //
$PROJECT = "Mini-XML"; // Title of project $PROJECT_NAME = "Mini-XML"; // Title of project
$EMAIL = "mxml@easysw.com"; // Default notification address $PROJECT_EMAIL = "mxml@easysw.com"; // Default notification address
$PAGE_MAX = 10; // Max items per page $PAGE_MAX = 10; // Max items per page
@ -28,8 +28,12 @@ $PHP_SELF = $_SERVER["PHP_SELF"];
$REQUEST_METHOD = $_SERVER["REQUEST_METHOD"]; $REQUEST_METHOD = $_SERVER["REQUEST_METHOD"];
$SERVER_NAME = $_SERVER["SERVER_NAME"]; $SERVER_NAME = $_SERVER["SERVER_NAME"];
if (array_key_exists("ISHTTPS", $_SERVER))
$PHP_URL = "https://$_SERVER[SERVER_NAME]:$_SERVER[SERVER_PORT]$_SERVER[PHP_SELF]";
else
$PHP_URL = "http://$_SERVER[SERVER_NAME]:$_SERVER[SERVER_PORT]$_SERVER[PHP_SELF]";
// //
// End of "$Id: globals.php,v 1.3 2004/05/19 14:02:38 mike Exp $". // End of "$Id: globals.php,v 1.4 2004/05/19 21:17:47 mike Exp $".
// //
?> ?>

View File

@ -1,6 +1,6 @@
<?php <?php
// //
// "$Id: str.php,v 1.9 2004/05/19 14:02:38 mike Exp $" // "$Id: str.php,v 1.10 2004/05/19 21:17:47 mike Exp $"
// //
// Software Trouble Report page... // Software Trouble Report page...
// //
@ -88,7 +88,7 @@ notify_creator($id, // I - STR #
global $priority_long; global $priority_long;
global $scope_long; global $scope_long;
global $status_long; global $status_long;
global $PHP_SELF, $EMAIL, $PROJECT; global $PHP_URL, $PROJECT_EMAIL, $PROJECT_NAME;
$result = db_query("SELECT * FROM str WHERE id = $id"); $result = db_query("SELECT * FROM str WHERE id = $id");
@ -112,12 +112,12 @@ notify_creator($id, // I - STR #
if ($row['create_user'] != $row['modify_user'] && if ($row['create_user'] != $row['modify_user'] &&
$row['create_user'] != $manager) $row['create_user'] != $manager)
mail($row['create_user'], "$PROJECT STR #$id $what", mail($row['create_user'], "$PROJECT_NAME STR #$id $what",
"Your software trouble report #$id has been $what. You can check\n" "Your software trouble report #$id has been $what. You can check\n"
."the status of the report and add additional comments and/or files\n" ."the status of the report and add additional comments and/or files\n"
."at the following URL:\n" ."at the following URL:\n"
."\n" ."\n"
." $PHP_SELF?L$id\n" ." $PHP_URL?L$id\n"
."\n" ."\n"
." Summary: $row[summary]\n" ." Summary: $row[summary]\n"
." Version: $row[str_version]\n" ." Version: $row[str_version]\n"
@ -128,7 +128,7 @@ notify_creator($id, // I - STR #
."Fix Version: $fix_version\n" ."Fix Version: $fix_version\n"
."\n$contents" ."\n$contents"
."________________________________________________________________\n" ."________________________________________________________________\n"
."Thank you for using the $PROJECT Software Trouble Report page!", ."Thank you for using the $PROJECT_NAME Software Trouble Report page!",
"From: noreply@easysw.com\r\n"); "From: noreply@easysw.com\r\n");
$ccresult = db_query("SELECT email FROM strcc WHERE str_id = $id"); $ccresult = db_query("SELECT email FROM strcc WHERE str_id = $id");
@ -136,12 +136,12 @@ notify_creator($id, // I - STR #
{ {
while ($ccrow = db_next($ccresult)) while ($ccrow = db_next($ccresult))
{ {
mail($ccrow->email, "$PROJECT STR #$id $what", mail($ccrow->email, "$PROJECT_NAME STR #$id $what",
"Software trouble report #$id has been $what. You can check\n" "Software trouble report #$id has been $what. You can check\n"
."the status of the report and add additional comments and/or files\n" ."the status of the report and add additional comments and/or files\n"
."at the following URL:\n" ."at the following URL:\n"
."\n" ."\n"
." $PHP_SELF?L$id\n" ." $PHP_URL?L$id\n"
."\n" ."\n"
." Summary: $row[summary]\n" ." Summary: $row[summary]\n"
." Version: $row[str_version]\n" ." Version: $row[str_version]\n"
@ -152,7 +152,7 @@ notify_creator($id, // I - STR #
."Fix Version: $fix_version\n" ."Fix Version: $fix_version\n"
."\n$contents" ."\n$contents"
."________________________________________________________________\n" ."________________________________________________________________\n"
."Thank you for using the $PROJECT Software Trouble Report page!", ."Thank you for using the $PROJECT_NAME Software Trouble Report page!",
"From: noreply@easysw.com\r\n"); "From: noreply@easysw.com\r\n");
} }
@ -162,15 +162,15 @@ notify_creator($id, // I - STR #
if ($row['manager_email'] != "") if ($row['manager_email'] != "")
$manager = $row['manager_email']; $manager = $row['manager_email'];
else else
$manager = "$EMAIL"; $manager = "$PROJECT_EMAIL";
if ($row['modify_user'] != $manager) if ($row['modify_user'] != $manager)
mail($manager, "$PROJECT STR #$id $what", mail($manager, "$PROJECT_NAME STR #$id $what",
"The software trouble report #$id assigned to you has been $what.\n" "The software trouble report #$id assigned to you has been $what.\n"
."You can manage the report and add additional comments and/or files\n" ."You can manage the report and add additional comments and/or files\n"
."at the following URL:\n" ."at the following URL:\n"
."\n" ."\n"
." $PHP_SELF?L$id\n" ." $PHP_URL?L$id\n"
."\n" ."\n"
." Summary: $row[summary]\n" ." Summary: $row[summary]\n"
." Version: $row[str_version]\n" ." Version: $row[str_version]\n"
@ -186,6 +186,7 @@ notify_creator($id, // I - STR #
} }
} }
// Get command-line options... // Get command-line options...
// //
// Usage: str.php [operation] [options] // Usage: str.php [operation] [options]
@ -660,7 +661,8 @@ switch ($op)
if ($LOGIN_LEVEL < AUTH_DEVEL) if ($LOGIN_LEVEL < AUTH_DEVEL)
{ {
$query .= "${prefix}is_published = 1"; $query .= "${prefix}(is_published = 1 OR create_user = '"
. db_escape($LOGIN_USER) . "')";
$prefix = " AND "; $prefix = " AND ";
} }
@ -947,8 +949,9 @@ switch ($op)
print("<p>" print("<p>"
."MACH = Machine, " ."MACH = Machine, "
."OS = Operating System, " ."OS = Operating System, "
."STR = Software Trouble Report" ."STR = Software Trouble Report, "
."</p>\n"); ."<img src='images/private.gif' width='16' height='16' "
."align='middle' alt='private'/> = hidden from public view</p>\n");
} }
html_footer(); html_footer();
@ -1553,7 +1556,9 @@ switch ($op)
$version = $_POST["VERSION"]; $version = $_POST["VERSION"];
$contents = $_POST["CONTENTS"]; $contents = $_POST["CONTENTS"];
if (array_key_exists("EMAIL", $_POST)) if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL)
$email = $LOGIN_USER;
else if (array_key_exists("EMAIL", $_POST))
{ {
$email = $_POST["EMAIL"]; $email = $_POST["EMAIL"];
setcookie("FROM", "$email", time() + 90 * 86400, "/"); setcookie("FROM", "$email", time() + 90 * 86400, "/");
@ -1578,7 +1583,9 @@ switch ($op)
} }
else else
{ {
if (array_key_exists("FROM", $_COOKIE)) if ($LOGIN_USER != "")
$email = $LOGIN_USER;
else if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"]; $email = $_COOKIE["FROM"];
else else
$email = ""; $email = "";
@ -1673,11 +1680,11 @@ switch ($op)
else else
{ {
print("<p>Please use this form to report all bugs and request " print("<p>Please use this form to report all bugs and request "
."features in the $PROJECT software. Be sure to include " ."features in the $PROJECT_NAME software. Be sure to include "
."the operating system, compiler, sample programs and/or " ."the operating system, compiler, sample programs and/or "
."files, and any other information you can about your " ."files, and any other information you can about your "
."problem. <i>Thank you</i> for helping us to improve " ."problem. <i>Thank you</i> for helping us to improve "
."$PROJECT!</p><hr noshade/>\n"); ."$PROJECT_NAME!</p><hr noshade/>\n");
$hstart = ""; $hstart = "";
$hend = ""; $hend = "";
@ -1865,6 +1872,6 @@ switch ($op)
} }
// //
// End of "$Id: str.php,v 1.9 2004/05/19 14:02:38 mike Exp $". // End of "$Id: str.php,v 1.10 2004/05/19 21:17:47 mike Exp $".
// //
?> ?>

View File

@ -35,15 +35,15 @@ TR.header, TR.header TH, TH.header {
} }
TR.page { TR.page {
background-color: #f8f8f8; background-color: #f4f4f4;
} }
TR.data0, TD.data0 { TR.data0, TD.data0 {
background-color: #eeeeee; background-color: #e8e8e8;
} }
TR.data1, TD.data1 { TR.data1, TD.data1 {
background-color: #dddddd; background-color: #e0e0e0;
} }
INPUT[TYPE="TEXT"], TEXTAREA { INPUT[TYPE="TEXT"], TEXTAREA {