Changeset 120
- Timestamp:
- 15/06/05 02:54:40 (4 years ago)
- Files:
-
- admin.lib.php (modified) (7 diffs)
- admin.php (modified) (1 diff)
- blog.css (modified) (1 diff)
- blog.lib.php (modified) (8 diffs)
- blog.sql (modified) (1 diff)
- index.php (modified) (1 diff)
- postcomment.php (added)
- xmlhttp.js (added)
admin.lib.php
r119 r120 137 137 echo "<li><a href=\"".$this->adminPath."showentries\">"._("Edit entries")."</a></li>\n"; 138 138 echo "<li><a href=\"".$this->adminPath."settings\">"._("Settings")."</a></li>\n"; 139 echo "<li><a href=\"".$this->adminPath."moderatecomments\">"._("Comments"); 140 $result = db_getrow(db_query("SELECT COUNT(id) FROM comments WHERE post IN (SELECT id FROM entries WHERE user_id=".$this->id.") AND moderated=false;")); 141 if($result['count']>0){ 142 echo "<span style=\"font-size: 0.8em; color: red\"> (".$result['count'].")</span>"; 143 } 144 echo "</a></li>\n"; 139 145 if ($this->userName) { 140 146 echo "<li><a href=\"".$this->httpPath."index.php/".$this->userName."\">"._("My blog")."</a></li>\n"; //index.php will need removing when we fix that … … 334 340 $description = ''; 335 341 $css = 'blog.css'; 342 $moderate = ''; 336 343 337 344 //sanitise name … … 381 388 $setpass = false; 382 389 } 383 390 391 // checkbox for comment moderation 392 if ($_POST['moderate'] != "") { 393 $moderate = "true"; 394 } else { 395 $moderate = "false"; 396 } 397 384 398 if ($err == 0) { // and update... 385 $query = "UPDATE USERS SET name='{$name}', title='{$title}', description='{$description}', css='{$css}' ";399 $query = "UPDATE USERS SET name='{$name}', title='{$title}', description='{$description}', css='{$css}', moderate={$moderate}"; 386 400 if ($setpass) $query .= ", password='{$password}'"; 387 401 $query .= " WHERE username='{$this->userName}';"; … … 434 448 { 435 449 //pull in user's current settings from the database 436 $sql = db_query("SELECT name, title, description, css FROM users WHERE username='" . $this->userName . "'");450 $sql = db_query("SELECT name, title, description, css, moderate FROM users WHERE username='" . $this->userName . 
"'"); 437 451 $settings = db_getrow($sql); 438 452 echo "<div class=\"entry\">\n"; … … 456 470 echo "</p>\n"; 457 471 echo "<p>\n"; 472 echo "<input type=\"checkbox\" name=\"moderate\" id=\"moderate\" ".(($settings['moderate']=="t") ? "checked=\"checked\"" : "")." />\n"; 473 echo "<label for=\"moderate\">"._("Moderate new comments")."</label>\n"; 474 echo "</p>\n"; 475 echo "<p>\n"; 458 476 echo "<input type=\"password\" name=\"pass1\" id=\"pass1\" value=\"\" size=\"15\" maxlength=\"16\" tabindex=\"5\" />\n"; 459 477 echo "<label for=\"pass1\">"._("Password")."</label>\n"; … … 468 486 echo "</form>\n"; 469 487 echo "</div>\n"; 488 } 489 490 function printComments() { 491 $result = db_query("SELECT comments.*,entries.subject,entries.shortsubject FROM comments,entries WHERE post IN (SELECT id FROM entries WHERE user_id=".$this->id.") AND moderated=false AND comments.post = entries.id ORDER BY entries.subject ASC;"); 492 if(db_num_rows($result)==0) { 493 error(5, _("No comments need approval.")); 494 return; 495 } 496 echo "<form action=\"{$this->adminPath}updatecomments/\" method=\"post\">\n"; 497 echo "<table class=\"td\">\n"; 498 echo "\t<tr>\n"; 499 echo "\t\t<th>Blog Entry</th>\n"; 500 echo "\t\t<th>Author</th>\n"; 501 echo "\t\t<th>Body</th>\n"; 502 echo "\t\t<th>Approve</th>\n"; 503 echo "\t\t<th>Delete</th>\n"; 504 echo "\t</tr>\n"; 505 506 $count = 0; 507 while($r = db_getrow($result)) { 508 echo "\t<tr>\n"; 509 echo "\t\t<td><a href=\"{$this->httpPath}index.php/{$this->userName}/entry/{$r['shortsubject']}\">{$r['subject']}</a></td>\n"; 510 echo "\t\t<td><a href=\"mailto:{$r['email']}\" title=\"IP: {$r['host']}\">{$r['name']}</a></td>\n"; 511 echo "\t\t<td>{$r['body']}</td>\n"; 512 echo "\t\t<td><input type=\"radio\" name=\"group[$count]\" value=\"a:{$r['id']}\" /></td>\n"; 513 echo "\t\t<td><input type=\"radio\" name=\"group[".$count++."]\" value=\"d:{$r['id']}\" /></td>\n"; 514 echo "\t</tr>\n"; 515 } 516 echo 
"\t<tr>\n\t\t<td></td>\n\t\t<td></td>\n\t\t<td></td>\n\t\t<td colspan=\"2\"><input type=\"submit\" value=\"Commit\" name=\"submit\" /></td>\n\t</tr>\n"; 517 echo "</table>\n"; 518 } 519 520 // approve or delete comments 521 function updateComments() { 522 if (count($_POST['group'])==0) { 523 error(2, _("No comments selected for approval/deletion.")); 524 return; 525 } 526 $approved = ""; 527 $acount = 0; 528 $deleted = ""; 529 $dcount = 0; 530 foreach($_POST['group'] as $comment) { 531 $c = explode(":", $comment); 532 if ($c[0] == "a") { 533 $approved .= $c[1].", "; 534 $acount++; 535 } elseif ($c[0] == "d") { 536 $deleted .= $c[1].", "; 537 $dcount++; 538 } else { 539 error(1, _("Malformed input.")); 540 return; 541 } 542 } 543 $approved = substr($approved, 0, -2); 544 $deleted = substr($deleted, 0, -2); 545 546 if($deleted!="") { 547 db_query("DELETE FROM comments WHERE id IN ($deleted);"); 548 } 549 if($approved!="") { 550 db_query("UPDATE comments SET moderated=true WHERE id IN ($approved);"); 551 } 552 echo "Approved $acount comments, deleted $dcount.<br />"; 553 $this->mainPage(); 470 554 } 471 555 … … 516 600 echo count($_POST['entry'])._(" post(s) deleted"); 517 601 } 602 } 603 604 function mainPage() { 605 //Should display blog entries here 606 echo "<div class=\"entry\">\n"; 607 echo "<h2>"._("Blog Management")."</h2>\n"; 608 echo "<div class=\"td\">\n"; 609 echo "<p>"._("Use the links on the left to manage your blog, or choose a recent entry to edit:")."</p>\n"; 610 $this->printEntries(5, FALSE); 611 echo "<a href=\"".$this->adminPath."showentries\">show all entries...</a></div>\n"; 612 echo "<p> </p><p> </p>\n"; // To allow the menu to display properly 613 echo "</div>\n"; 518 614 } 519 615 admin.php
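Review bot: In updateComments() the id part of each `$_POST['group']` value (`$c[1]`) is concatenated unvalidated into `DELETE FROM comments WHERE id IN ($deleted)` and the matching `UPDATE`, so request data becomes part of the SQL text. Neither statement limits the rows to this user's entries either, so a request from one blog owner can approve or delete comments that belong to another blog. Reject any id that is not all digits before appending it, and add to both statements the `post IN (SELECT id FROM entries WHERE user_id=...)` condition that printComments() already uses. The function lies entirely inside this hunk; the changed lines are sketched below.

```php
// … unchanged: empty-selection check, $approved/$deleted/$acount/$dcount setup …
foreach ($_POST['group'] as $comment) {
    $c = explode(":", $comment, 2);
    // accept only "<a|d>:<decimal id>"
    if (count($c) != 2 || !ctype_digit($c[1])) {
        error(1, _("Malformed input."));
        return;
    }
    // … unchanged: a/d branches append $c[1] and count …
}
// … unchanged: trailing ", " trimmed from both lists …

// restrict both statements to comments on the current user's own entries
$owned = "post IN (SELECT id FROM entries WHERE user_id=".(int)$this->id.")";
if ($deleted != "") {
    db_query("DELETE FROM comments WHERE id IN ($deleted) AND $owned;");
}
if ($approved != "") {
    db_query("UPDATE comments SET moderated=true WHERE id IN ($approved) AND $owned;");
}
// … unchanged: summary message and mainPage() …
```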
r119 r120 66 66 $admin->deleteEntries(); 67 67 break; 68 case "moderatecomments": 69 $admin->printComments(); 70 break; 71 case "updatecomments": 72 $admin->updateComments(); 73 break; 68 74 default: 69 75 //Should display blog entries here blog.css
r109 r120 266 266 border-bottom: 1px #25B dotted; 267 267 } 268 269 label.invalid { 270 margin-left: 1em; 271 } blog.lib.php
r117 r120 48 48 error(1,"Bad Username"); 49 49 } 50 $sql = db_query("SELECT id, name, title, description, css from users where username = '".$user."' and enabled = true;");50 $sql = db_query("SELECT id, name, title, description, css, moderate from users where username = '".$user."' and enabled = true;"); 51 51 $sqlNum = db_num_rows($sql); 52 52 if ($sqlNum != 1) { … … 67 67 $this->commentError = ''; 68 68 $this->entryError = ''; 69 $this->comment_moderation = ($sqlRow['moderate']=='t') ? TRUE : FALSE; 69 70 $this->entryTags = array('<b>','<i>','<strong>','<em>','<p>','<a>','<img>','<hr>','<br>'); 70 71 … … 189 190 $sql = db_query("SELECT timestamp, name, email, body, host FROM comments WHERE post = ".$postid." and moderated = true ORDER BY timestamp ASC limit ".$limit." OFFSET ".$offset.";"); 190 191 $sqlNum = db_num_rows($sql); 192 echo "<div id=\"comments\">\n"; 191 193 if ($sqlNum > 0) { 192 194 while ($sqlRow = db_getrow($sql)) { … … 194 196 } 195 197 } 198 echo "</div>\n"; 196 199 } 197 200 … … 233 236 echo "<p>Thank you for your comment</p>\n"; 234 237 } 235 echo "<form action=\"".$this->blogPath."postcomment/".$id."#cmt\" method=\"post\" id=\"commentform\">\n";238 echo "<form onsubmit=\"return postcomment('".$this->httpPath."', '".$this->userName."', '".$id."')\" action=\"".$this->blogPath."postcomment/".$id."\" method=\"post\" id=\"commentform\">\n"; 236 239 echo "<p>\n"; 237 240 echo "<input type=\"text\" name=\"author\" id=\"author\" value=\"" . (($this->commentError != "") ? strip_tags(trim($_POST['author'])) : "") . 
"\" size=\"22\" maxlength=\"50\" tabindex=\"1\" />\n"; … … 246 249 echo "</p>\n"; 247 250 echo "<p>\n"; 248 echo "<input name=\"submit\" type=\"submit\" id=\"submit\" tabindex=\"4\" value=\"Submit Comment\" />\n"; 251 echo "<input name=\"submit\" type=\"submit\" id=\"submit\" tabindex=\"4\" value=\"Submit Comment\" />"; 252 echo "<label class=\"invalid\" for=\"submit\" id=\"errors\"></label>\n"; 249 253 echo "</p>\n"; 250 254 echo "</form>\n"; … … 265 269 266 270 //handles posting of comments 267 function newComment($id )271 function newComment($id, $printentry=TRUE) 268 272 { 269 273 $id = $this->makeCleanString($id); … … 308 312 //if no errors have been raised so far commit to the db 309 313 if ($this->commentError == "") { 310 $query = "INSERT INTO comments (post, name, email, body, host ) VALUES ('{$postid}','{$author}','{$email}','{$comment}','{$host}')";314 $query = "INSERT INTO comments (post, name, email, body, host, moderated) VALUES ('{$postid}','{$author}','{$email}','{$comment}','{$host}', ".(($this->comment_moderation) ? "false" : "true").")"; 311 315 if(!db_query($query)) { 312 316 error(2,_("Database commit failed -").db_error()); 313 317 } 314 318 else { 315 echo "<p class=\"invalid\">*** "._("Your comment has been added, but before it appears here it must be accepted by the blog owner.")." ***</p>"; 316 } 317 } 318 $this->printEntryAndComments($id); 319 if($this->comment_moderation) { 320 echo "<p class=\"invalid\">*** "._("Your comment has been added, but before it appears here it must be accepted by the blog owner.")." ***</p>"; 321 } elseif(!$printentry) { 322 echo "<div class=\"blogcomment\">\n"; 323 echo "<h3>$author writes:</h3>\n"; 324 echo "<p>$comment</p>\n"; 325 echo "<p class=\"entryfoot\">[ ".strftime($this->longDateFormat)." 
]</p>\n"; 326 echo "</div>\n"; 327 } 328 if($printentry) { 329 $this->printEntryAndComments($id); 330 } 331 return TRUE; 332 } 333 } else { 334 echo $this->commentError; 335 return FALSE; 336 } 319 337 } 320 338 blog.sql
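Review bot: The new `elseif(!$printentry)` branch in newComment() echoes `$author` and `$comment` straight into the response (`<h3>$author writes:</h3>`, `<p>$comment</p>`), and these are the same variables the INSERT just above places in the SQL string. The lines that prepare them are outside this hunk, so it is not visible whether they are HTML-encoded; if they are escaped only for the database, visitor-supplied markup is returned as-is in the fragment that the new script-driven submit presumably inserts into the page. Encode at output, e.g. `echo "<h3>".htmlspecialchars($author, ENT_QUOTES)." writes:</h3>\n";`, and treat `$comment` the same way unless it has already been reduced to an allowed tag set. newComment() begins before this hunk.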
r107 r120 17 17 description text, 18 18 css text DEFAULT 'blog.css', 19 enabled bool NOT NULL DEFAULT true; 19 enabled bool NOT NULL DEFAULT true, 20 moderate bool NOT NULL DEFAULT true; 20 21 ); 21 22 index.php
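Review bot: The added column line ends with a semicolon inside what looks like a CREATE TABLE column list (`moderate bool NOT NULL DEFAULT true;` followed by `);`), which ends the statement before its closing parenthesis. The old `enabled` line carried the same stray `;`, and the change moves it rather than removing it. Write the last column as `moderate bool NOT NULL DEFAULT true` with no terminator. This file also appears to cover only fresh installs: an existing database would need something like `ALTER TABLE users ADD COLUMN moderate bool NOT NULL DEFAULT true;`, otherwise the new `SELECT ... moderate FROM users` queries in this changeset fail. The table definition starts outside the hunk.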
r109 r120 16 16 <link rel="stylesheet" href="<? echo $blog->httpPath.$blog->cssFile; ?>" type="text/css" /> 17 17 <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="<? echo "http://".$_SERVER['HTTP_HOST'].$blog->httpPath."feed.php/".$blog->userName.(($request[0]=="category")?"/category/".(int)$request[1]:""); ?>" /> 18 <script type="text/javascript" src="<?php echo $blog->httpPath; ?>xmlhttp.js"></script> 18 19 </head> 19 20 <body>
