Thread: [Astrospaces-commits] SF.net SVN: astrospaces: [3] trunk
From: <p3...@us...> - 2007-03-11 02:18:37
Revision: 3 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=3&view=rev Author: p3net Date: 2007-03-10 18:18:38 -0800 (Sat, 10 Mar 2007) Log Message: ----------- -Finish basic database abstraction -Add uploads directory (for avatars and stuff) -Fix the misformed header portion (the copyright) on includes/db.php -Fix the misformed header portion (the copyright) on common.php Modified Paths: -------------- trunk/common.php trunk/includes/db.php Added Paths: ----------- trunk/uploads/ Modified: trunk/common.php =================================================================== --- trunk/common.php 2007-03-10 23:36:04 UTC (rev 2) +++ trunk/common.php 2007-03-11 02:18:38 UTC (rev 3) @@ -1,7 +1,7 @@ <?php /****************************************************************************** -* common.php * -* AstroSPACES 2 * +* common.php * +* AstroSPACES 2 * * * * Description: common.php is included by every script in the AstroSPACES * * package. It sets up things we need for every page, like sessions, * Modified: trunk/includes/db.php =================================================================== --- trunk/includes/db.php 2007-03-10 23:36:04 UTC (rev 2) +++ trunk/includes/db.php 2007-03-11 02:18:38 UTC (rev 3) @@ -1,7 +1,7 @@ <?php /****************************************************************************** -* includes/db.php * -* AstroSPACES 2 * +* includes/db.php * +* AstroSPACES 2 * * * * Description: db.php handles database abstraction, making AstroSPACES * * compatible with multiple db engines. It also handles connecting to the db, * @@ -21,8 +21,8 @@ * with this program; if not, write to the Free Software Foundation, Inc., * * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * * * -* ID: $Id$ * -* Author: $Author$ * +* ID: $Id:$ * +* Author: $Author:$ * ******************************************************************************/ //Die if this file was accessed directly 
@@ -55,7 +55,7 @@ } //Connect to a Postgre SQL database - else if($dmbs = "pgsql") + else if($dmbs == "pgsql") { pg_connect("host=" . $db_server . " dbname=" . $db_database . " dbuser=" . $db_user . " db_password=" . $db_password) or general_error("Could not connect to database"); @@ -72,5 +72,35 @@ define('DB_CONFIG', $prefix . "config"); define('DB_THEMES', $prefix . "themes"); } + function query($query) + { + //Query for SQL databases + + //MySQL + if($dbms == "mysql") + { + $_query=mysql_query($query) or general_error("Error executing query " . $query . ": " . mysql_error()); + return $_query; + } + + //PostgreSQL + else if($dmbs == "pgsql") + { + $_query=pg_query($query) or die("Error executing query " . $query . ": " . pg_error()); + } + } + function array($_query) + { + //We're going to assume $_query is a resource. If it isn't, something's wrong. + if($dbms == "mysql") + { + $result=mysql_fetch_array($_query) or general_error("Could not fetch array: " . mysql_error()); + return $result; + } + else if($dbms == "pgsql") + { + $result=pg_fetch_array($_query) or general_error("Could not fetch array: " . pg_error()); + } + } } ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
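Review bot: The corrected comparison in the first db.php hunk still tests `$dmbs`, while the `query()` and `array()` methods added in the next hunk test `$dbms` in their MySQL branches and `$dmbs` in `query()`'s PostgreSQL branch, so at least one spelling never matches whatever config.php sets. An unset variable compares unequal to both engine names, which leaves the method doing nothing and reporting no error. Use one spelling throughout, e.g. `else if($dbms == "pgsql")`, assuming `$dbms` is the name config.php defines. The enclosing connection function starts and ends outside this hunk.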
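Review bot: Both failure paths in the new `query()` put the full SQL text and the driver's error string into the message, and the PostgreSQL branch sends it straight to the response with `die()`, which hands table names and query structure to whoever triggered the error. Log the detail server-side with `error_log()` and pass only a fixed string to the handler, e.g. `$_query=pg_query($query) or general_error("Database query failed");`, using the same handler in both branches. Two functional gaps sit next to it: the PostgreSQL branches of `query()` and `array()` never `return` their result, and `array()` routes the normal end-of-result `false` from the fetch call to `general_error()`, so a `while($row=$db->array(...))` loop ends in the error handler. `$dbms` is not a parameter, property or declared global inside these methods, so unless it is set some other way neither branch runs. `array` is a reserved word before PHP 7, so the method needs another name such as `fetch_array`.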
From: <p3...@us...> - 2007-03-11 07:15:18
Revision: 4 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=4&view=rev Author: p3net Date: 2007-03-10 23:15:18 -0800 (Sat, 10 Mar 2007) Log Message: ----------- -Added base for template engine -Create base directory for default style -Fix mis-named PostgreSQL function calls in includes/dp.php -Skeleton files for default template --outer.tpl (The shell of the page that the content will go in) --style.css (For later theming) -Fixed the headers on the top of the files so hopefully they appear right Modified Paths: -------------- trunk/common.php trunk/includes/db.php Added Paths: ----------- trunk/includes/template.php trunk/styles/default/ trunk/styles/default/outer.tpl trunk/styles/default/style.css Modified: trunk/common.php =================================================================== --- trunk/common.php 2007-03-11 02:18:38 UTC (rev 3) +++ trunk/common.php 2007-03-11 07:15:18 UTC (rev 4) @@ -82,6 +82,9 @@ //Include everything we need for DB require_once('includes/db.php'); + //Templating engine + require_once('includes/template.php'); + //Instantiate a few classes $db =& new db(); @@ -94,7 +97,20 @@ //Get all of our db schema constants $db->schema(); - //Todo: Get the values of everything in the config table - //(That should be all we need on most pages) + //OK, now let's get all of the information in the config table + $query="SELECT * FROM " . DB_CONFIG; + $query=$db->query($query); + while($temp=$db->array($query)) + { + //Put it in a lovely 'define' variable... + define($temp["config_name"], $temp["config_value"]); + } + $temp=null; //Unload the $temp var } +function parse_page($content) +{ + $head =& new template('outer.tpl'); + $head->set('level', SESSION_LEVEL); + $head->set('content', $content); +} ?> \ No newline at end of file Modified: trunk/includes/db.php =================================================================== --- trunk/includes/db.php 2007-03-11 02:18:38 UTC (rev 3) +++ trunk/includes/db.php 2007-03-11 07:15:18 UTC (rev 4) 
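Review bot: The config loop in the second common.php hunk calls `define()` with whatever string is stored in `config_name`, so a row in the config table can claim any constant name the application has not defined yet, including one that later code tests with `defined()`. Prefixing keeps database-supplied names in their own namespace: `define('CONFIG_' . strtoupper($temp["config_name"]), $temp["config_value"]);`. Separately, `parse_page()` fills `$head` but never calls `fetch()` or echoes anything, so as written it produces no page output. The function that contains the loop starts outside the hunk.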
@@ -21,7 +21,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * * * -* ID: $Id:$ * +* ID: $Id:$ * * Author: $Author:$ * ******************************************************************************/ @@ -86,7 +86,7 @@ //PostgreSQL else if($dmbs == "pgsql") { - $_query=pg_query($query) or die("Error executing query " . $query . ": " . pg_error()); + $_query=pg_query($query) or die("Error executing query " . $query . ": " . pg_last_error()); } } function array($_query) @@ -99,7 +99,7 @@ } else if($dbms == "pgsql") { - $result=pg_fetch_array($_query) or general_error("Could not fetch array: " . pg_error()); + $result=pg_fetch_array($_query) or general_error("Could not fetch array: " . pg_last_error()); } } } Added: trunk/includes/template.php =================================================================== --- trunk/includes/template.php (rev 0) +++ trunk/includes/template.php 2007-03-11 07:15:18 UTC (rev 4) 
@@ -0,0 +1,72 @@ +<?php +/****************************************************************************** +* includes/template.php * +* AstroSPACES 2 * +* * +* Description: template.php is the templating engine for AstroSPACES. While * +* not very complex, it gets the job done... * +* * +* Code borrowed shamelessly from * +* http://www.massassi.com/php/articles/template_engines/ * +* * +* This program is free software; you can redistribute it and/or modify * +* it under the terms of the GNU General Public License as published by * +* the Free Software Foundation; either version 2 of the License, or * +* (at your option) any later version. * +* * +* This program is distributed in the hope that it will be useful, * +* but WITHOUT ANY WARRANTY; without even the implied warranty of * +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * +* GNU General Public License for more details. * +* * +* You should have received a copy of the GNU General Public License along * +* with this program; if not, write to the Free Software Foundation, Inc., * +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * +* * +* ID: $Id$ * +* Author: $Author$ * +******************************************************************************/ + +/****************************************************************************** +How to use this templating engine: + +It may look complex, but it really isn't. Simply create a new instance of the +class template (by using, for example, $page =& new template();) Then assign +all the vars you need for your template file by using +$page->set('name', 'value'); After you've done that, simply call +page_parse($page), and your page will be parsed. + +Note when creating template files, variables you assign are addressed as they +would be in PHP. That also means that array's are assigned and addressed the +same way. To loop through an array, use foreach or something similar to that. 
+*******************************************************************************/ + +//Die if this file was accessed directly +if(!(defined('IN_ASTRO'))) +{ + die("Hacking Attempt"); +} +class template() +{ + function template($file=null) + { + $this->$file = $file; + } + function set($name, $value) + { + $this->vars[$name] = is_object($value) ? $value->fetch() : $value; + } + function fetch($file = null) + { + $stylename = is_defined('STYLE_NAME') ? STYLE_NAME : 'default'; + if(!$file) $file = $this->file; + + extract($this->vars); // Extract the vars to local namespace + ob_start(); // Start output buffering + include('../styles/' . $stylename . '/' . $file); // Include the file + $contents = ob_get_contents(); // Get the contents of the buffer + ob_end_clean(); // End buffering and discard + return $contents; // Return the contents + } +} +?> \ No newline at end of file Added: trunk/styles/default/outer.tpl =================================================================== --- trunk/styles/default/outer.tpl (rev 0) +++ trunk/styles/default/outer.tpl 2007-03-11 07:15:18 UTC (rev 4) @@ -0,0 +1,27 @@ +<html> + <head> + <title>AstroSPACES</title> + <meta name="generator" content="Bluefish 1.0.6"> + <style type="text/css"> + @import('style.css'); + </style> + </head> + <body> + <!--Menu--> + <!--All Users--> + <a href="index.php">Home</a> + <!--/All Users--> + <!--Auth'd Only--> + <?php if($level>-1) { ?> + <!--Links here--> + <?php } ?> + <!--/Auth'd Only--> + <!--Admin--> + <?php if($level==2) { ?> + <!--Links here--> + <?php } ?> + <!--/Admin--> + <!--/Menu--> + <?php echo $contents; ?> + </body> +</html> \ No newline at end of file Added: trunk/styles/default/style.css =================================================================== --- trunk/styles/default/style.css (rev 0) +++ trunk/styles/default/style.css 2007-03-11 07:15:18 UTC (rev 4) 
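Review bot: In `fetch()` of includes/template.php, `extract($this->vars)` runs after `$stylename` and `$file` are set and before the `include`, so a template variable named `file` or `stylename` replaces the path that gets included. Pass `EXTR_SKIP` so existing locals win: `extract($this->vars, EXTR_SKIP);`. The class also cannot load as written: `class template()` must be `class template`, `is_defined()` is not a PHP function (use `defined('STYLE_NAME')`), and the constructor's `$this->$file = $file;` creates a property named after the argument instead of setting `$this->file`. The usage comment refers to `page_parse($page)`, while the function added in common.php is `parse_page()`.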
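Review bot: The last PHP tag in outer.tpl echoes `$contents`, but `parse_page()` registers the body under the key `content`, so after `extract()` the variable this template prints is undefined and the page body comes out empty. Use the same name on both sides, e.g. `<?php echo $content; ?>`. The stylesheet rule `@import('style.css');` is also not valid CSS; `@import url('style.css');` is the standard form.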
@@ -0,0 +1 @@ + This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <p3...@us...> - 2007-03-11 15:53:13
Revision: 5 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=5&view=rev Author: p3net Date: 2007-03-11 08:53:11 -0700 (Sun, 11 Mar 2007) Log Message: ----------- -Get a temporary homepage setup -Basic Profile Functions --Register -Add thankyou() function for all the thank you's we have to use Modified Paths: -------------- trunk/common.php trunk/includes/db.php trunk/includes/template.php trunk/index.php trunk/styles/default/outer.tpl Added Paths: ----------- trunk/includes/profile.php trunk/profile.php trunk/styles/default/index_body.tpl trunk/styles/default/register.tpl trunk/styles/default/thankyou.tpl Modified: trunk/common.php =================================================================== --- trunk/common.php 2007-03-11 07:15:18 UTC (rev 4) +++ trunk/common.php 2007-03-11 15:53:11 UTC (rev 5) 
@@ -1,29 +1,29 @@ <?php /****************************************************************************** -* common.php * -* AstroSPACES 2 * -* * -* Description: common.php is included by every script in the AstroSPACES * -* package. It sets up things we need for every page, like sessions, * -* database abstraction, etc. It also includes things in the includes * -* directory that we may need on a regular basis * -* * -* This program is free software; you can redistribute it and/or modify * -* it under the terms of the GNU General Public License as published by * -* the Free Software Foundation; either version 2 of the License, or * -* (at your option) any later version. * -* * -* This program is distributed in the hope that it will be useful, * -* but WITHOUT ANY WARRANTY; without even the implied warranty of * -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * -* GNU General Public License for more details. * -* * -* You should have received a copy of the GNU General Public License along * -* with this program; if not, write to the Free Software Foundation, Inc., * -* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* * -* ID: $Id$ * -* Author: $Author$ * +* common.php +* AstroSPACES 2 +* +* Description: common.php is included by every script in the AstroSPACES +* package. It sets up things we need for every page, like sessions, +* database abstraction, etc. It also includes things in the includes +* directory that we may need on a regular basis +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id$ +* Author: $Author$ ******************************************************************************/ //Die if this file was accessed directly @@ -107,10 +107,59 @@ } $temp=null; //Unload the $temp var } + +//Our page parsing object (for templateS) function parse_page($content) { $head =& new template('outer.tpl'); $head->set('level', SESSION_LEVEL); $head->set('content', $content); } + +//Check to see if we are logged in +function login_check() +{ + if(SESSION_LEVEL > -1) + { + return true; + } + else + { + return false; + } +} +function sanitize($tag) +{ + //Strip out HTML + $tag=strip_tags($tag); + + //Make safe for MySQL + if($dbms == "mysql") + { + $tag=mysql_real_escape_string($tag); + } + //...and for PostgreSQL + else if($dmbs == "pgsql") + { + $tag=pg_escape_string($tag); + } + + return $tag; +} + +//Because we do a lot of thank-you type things +//We're going to write a function to output +//all of them... +function thankyou($for,$link1="",$to1="",$link2="",$to2="") +{ + $thnx =& new template('thankyou.tpl'); + $thnx->set('action',$for); + $thnx->set('link1', $link1); + $thnx->set('link2', $link2); + $thnx->set('to1', $to1); + $thnx->set('to2', $to2); + + $outer =& new template('outer.tpl'); + $outer->set('content', $thnx); +} ?> \ No newline at end of file Modified: trunk/includes/db.php =================================================================== --- trunk/includes/db.php 2007-03-11 07:15:18 UTC (rev 4) +++ trunk/includes/db.php 2007-03-11 15:53:11 UTC (rev 5) 
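Review bot: `sanitize()` in the second common.php hunk reads `$dbms` and `$dmbs`, neither of which is a parameter or declared `global` in the function, so both escaping branches are skipped and the value comes back with only `strip_tags()` applied. `strip_tags()` does not neutralise quotes, so callers that concatenate the result into SQL, as `regsub()` in includes/profile.php does, are not protected by it. The engine name has to reach the function explicitly (a parameter or a property on the db object) and be spelled the same in both tests: `else if($dbms == "pgsql")`. Combining HTML stripping and SQL escaping in one helper also means values are altered for storage and still need `htmlspecialchars()` when they are printed. `thankyou()` has the same gap as `parse_page()`: it fills `$outer` and never renders it.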
@@ -1,28 +1,28 @@ <?php /****************************************************************************** -* includes/db.php * -* AstroSPACES 2 * -* * -* Description: db.php handles database abstraction, making AstroSPACES * -* compatible with multiple db engines. It also handles connecting to the db, * -* running queries, etc. * -* * -* This program is free software; you can redistribute it and/or modify * -* it under the terms of the GNU General Public License as published by * -* the Free Software Foundation; either version 2 of the License, or * -* (at your option) any later version. * -* * -* This program is distributed in the hope that it will be useful, * -* but WITHOUT ANY WARRANTY; without even the implied warranty of * -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * -* GNU General Public License for more details. * -* * -* You should have received a copy of the GNU General Public License along * -* with this program; if not, write to the Free Software Foundation, Inc., * -* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* * -* ID: $Id:$ * -* Author: $Author:$ * +* includes/db.php +* AstroSPACES 2 +* +* Description: db.php handles database abstraction, making AstroSPACES +* compatible with multiple db engines. It also handles connecting to the db, +* running queries, etc. +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. 
+* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id:$ +* Author: $Author:$ ******************************************************************************/ //Die if this file was accessed directly Added: trunk/includes/profile.php =================================================================== --- trunk/includes/profile.php (rev 0) +++ trunk/includes/profile.php 2007-03-11 15:53:11 UTC (rev 5) 
@@ -0,0 +1,67 @@ +<?php +/****************************************************************************** +* includes/profile.php +* AstroSPACES 2 +* +* Description: profile.php handles all user related functions: login, logout, +* friend requests, and registrations. +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id$ +* Author: $Author$ +******************************************************************************/ +class profile() +{ + function register() + { + //Redirect the user to their space if they are logged in + if(login_check) + { + header('location: space.php'); + } + + //Otherwise, display the registration form + $form =& new template('register.tpl'); + $outer =& new template('outer.tpl'); + $outer->set('content', $form); + } + function regsub($var) + { + //Sanitize our formvars + foreach($var as $clean) + { + $clean=sanitize($clean); + } + if($password != $password2) + { + $form =& new template('register.tpl'); + $outer =& new template('outer.tpl'); + $outer->set('content', $form); + $outer->set('message', "Your passwords did not match"); + } + //Time to insert... + $_query="INSERT INTO " . DB_USERS . " VALUES('', '" . $var["username"] . "', '" . md5($var["password"]) . + "', '" . $var["email"] . "', '" . $var["aim"] . "', '" . $var["msn"] . "', '" . $var["irc"] . + "', '" . 
$var["icq"] . "', '" . $var["yahoo"] . "', '" . $var["website"] ."');"; + + //Run the query + $db->query($_query); + + //Display a thankyou + thankyou("registering", "login", "profile.php?mode=login"); + } +} +?> \ No newline at end of file Modified: trunk/includes/template.php =================================================================== --- trunk/includes/template.php 2007-03-11 07:15:18 UTC (rev 4) +++ trunk/includes/template.php 2007-03-11 15:53:11 UTC (rev 5) 
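Review bot: `regsub()` in the new includes/profile.php builds its INSERT from `$var[...]` values that are never escaped: the `foreach($var as $clean)` loop assigns the sanitized value to the loop copy and discards it, so every form field reaches the SQL string as submitted. The password check compares `$password` with `$password2`, which are not defined in this method, and the mismatch branch does not return, so the INSERT runs either way. Passwords are stored as unsalted `md5()`, which is not suitable for credential storage; a salted, deliberately slow hash (`password_hash()` on current PHP) is the replacement. `login_check` is written without parentheses here (and again in the login and logout methods added in revision 6), so the function is never called, the bare name evaluates as a non-empty string, and the redirect, which also lacks a following `exit`, is always taken. `class profile()` is a parse error and `$db` is not in scope inside the method.

```php
function regsub($var)
{
    //Compare the submitted fields themselves, and stop on a mismatch
    if($var["password"] != $var["password2"])
    {
        // … unchanged: build register.tpl / outer.tpl and set the message …
        return; //Do not fall through to the INSERT
    }
    //Write the sanitized value back into the array, not into a loop copy
    foreach($var as $key => $value)
    {
        $var[$key] = sanitize($value);
    }
    // … unchanged: INSERT statement, query call, thankyou() …
}
```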
@@ -1,30 +1,30 @@ <?php /****************************************************************************** -* includes/template.php * -* AstroSPACES 2 * -* * -* Description: template.php is the templating engine for AstroSPACES. While * -* not very complex, it gets the job done... * -* * -* Code borrowed shamelessly from * -* http://www.massassi.com/php/articles/template_engines/ * -* * -* This program is free software; you can redistribute it and/or modify * -* it under the terms of the GNU General Public License as published by * -* the Free Software Foundation; either version 2 of the License, or * -* (at your option) any later version. * -* * -* This program is distributed in the hope that it will be useful, * -* but WITHOUT ANY WARRANTY; without even the implied warranty of * -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * -* GNU General Public License for more details. * -* * -* You should have received a copy of the GNU General Public License along * -* with this program; if not, write to the Free Software Foundation, Inc., * -* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* * -* ID: $Id$ * -* Author: $Author$ * +* includes/template.php +* AstroSPACES 2 +* +* Description: template.php is the templating engine for AstroSPACES. While +* not very complex, it gets the job done... +* +* Code borrowed shamelessly from +* http://www.massassi.com/php/articles/template_engines/ +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. 
+* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id$ +* Author: $Author$ ******************************************************************************/ /****************************************************************************** Modified: trunk/index.php =================================================================== --- trunk/index.php 2007-03-11 07:15:18 UTC (rev 4) +++ trunk/index.php 2007-03-11 15:53:11 UTC (rev 5) 
@@ -1 +1,38 @@ - +<?php +/****************************************************************************** +* index.php +* AstroSPACES 2 +* +* Description: index.php simply shows our home page. It is going to be +* short and sweet, as pretty much everything is handled by profile.php, +* space.php, or comment.php. +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id$ +* Author: $Author$ +******************************************************************************/ + +//Setup everything we need +define('IN_ASTRO', 1); +require('common.php'); +construct(); + +//Eventually, we'll get our 3 most recent users and provide a +//login box. Until then, we'll just display the page. + +$index =& new Template('index_body.tpl'); +parse_page($index); +?> \ No newline at end of file Added: trunk/profile.php =================================================================== --- trunk/profile.php (rev 0) +++ trunk/profile.php 2007-03-11 15:53:11 UTC (rev 5) 
@@ -0,0 +1,54 @@ +<?php +/****************************************************************************** +* profile.php +* AstroSPACES 2 +* +* Description: profile.php handles all user related functions: login, logout, +* friend requests, and registrations. +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id$ +* Author: $Author$ +******************************************************************************/ +//Setup everything we need +define('IN_ASTRO', 1); +require('common.php'); +construct(); + +//Try to get our mode +$mode=$_REQUEST["mode"]; + +//If we don't have one, error out +if(empty($mode)) +{ + general_error("No mode specified."); +} + +//Setup our profiler +require('includes/profile.php'); +$profile =& new profile(); + +//Our template switch +switch($mode) +{ + case 'register': + $profile->register(); + break; + case 'process': + $profile->regsub($_POST); + break; +} +?> \ No newline at end of file Added: trunk/styles/default/index_body.tpl =================================================================== --- trunk/styles/default/index_body.tpl (rev 0) +++ trunk/styles/default/index_body.tpl 2007-03-11 15:53:11 UTC (rev 5) 
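Review bot: The `switch($mode)` in the new trunk/profile.php has no `default` branch, so any value other than `register` or `process` falls through silently and the request ends with an empty response instead of the `general_error()` path used for a missing mode. Add `default: general_error("Unknown mode."); break;`. `$_REQUEST["mode"]` can also be filled from cookies depending on `request_order`/`variables_order`; the form posts to `profile.php?mode=process`, so reading `$_GET["mode"]` after an `isset()` check is narrower. The `process` branch passes the whole `$_POST` array to `regsub()`, so that method has to pick out and validate only the fields it expects.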
@@ -0,0 +1,2 @@ + +Welcome to AstroSPACES. Click a link to get started. \ No newline at end of file Modified: trunk/styles/default/outer.tpl =================================================================== --- trunk/styles/default/outer.tpl 2007-03-11 07:15:18 UTC (rev 4) +++ trunk/styles/default/outer.tpl 2007-03-11 15:53:11 UTC (rev 5) @@ -22,6 +22,7 @@ <?php } ?> <!--/Admin--> <!--/Menu--> + <?php echo "<b>" . $message . "</b><br>"; ?> <?php echo $contents; ?> </body> </html> \ No newline at end of file Added: trunk/styles/default/register.tpl =================================================================== --- trunk/styles/default/register.tpl (rev 0) +++ trunk/styles/default/register.tpl 2007-03-11 15:53:11 UTC (rev 5) @@ -0,0 +1,12 @@ +<form action="profile.php?mode=process" method="post"> +Username: <input type="text" name="username"> +Password: <input type="password" name="password"> +Password [Confirm]: <input type="password" name="password2"> +Email Address: <input type="text" name="email"> +AIM: <input type="text" name="aim"> +MSN: <input type="text" name="msn"> +IRC: <input type="text" name="irc"> +ICQ: <input type="text" name="icq"> +Yahoo!: <input type="text" name="yahoo"> +Website: <input type="text" name="website"> +</form> \ No newline at end of file Added: trunk/styles/default/thankyou.tpl =================================================================== --- trunk/styles/default/thankyou.tpl (rev 0) +++ trunk/styles/default/thankyou.tpl 2007-03-11 15:53:11 UTC (rev 5) @@ -0,0 +1,6 @@ +Thank you for <?php echo $action; ?>.<br><br> +<?php if(!(empty($link1)) { ?> +Click <a href="<?php echo $link1; ?>">here</a> to <?php echo $to1; ?>.<br><br> +<?php } if(!(empty($link2)) { ?> +Click <a href="<?php echo $link2; ?>">here</a> to <?php echo $to2; ?>.<br><br> +<?php } ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
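Review bot: The line added to outer.tpl prints `$message` into the page without HTML-escaping, and on every page that never calls `set('message', ...)` the variable is undefined, so an empty `<b></b><br>` is emitted along with a notice. The one message set on this page is a fixed string, but the template prints whatever a later caller passes, so escape at output: `<?php if(!empty($message)) { echo "<b>" . htmlspecialchars($message) . "</b><br>"; } ?>`.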
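Review bot: Both conditions in thankyou.tpl are missing a closing parenthesis, `if(!(empty($link1)) {`, so the template fails to parse when it is included; `if(!empty($link1)) {` is enough. `$action`, `$to1` and `$to2` are echoed raw and `$link1`/`$link2` go into an `href` attribute; the callers shown pass literals, but `htmlspecialchars()` on each keeps the template safe if a value ever comes from request data. The `thankyou()` call in `regsub()` passes `"login"` as the link and the URL as the label, which is the reverse of the `($for, $link1, $to1, ...)` parameter order.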
From: <p3...@us...> - 2007-03-11 18:12:55
Revision: 6 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=6&view=rev Author: p3net Date: 2007-03-11 11:12:54 -0700 (Sun, 11 Mar 2007) Log Message: ----------- -Add basic profile functions --Login --Logout -Add installer Modified Paths: -------------- trunk/common.php trunk/includes/db.php trunk/includes/profile.php trunk/includes/template.php trunk/profile.php trunk/styles/default/outer.tpl Added Paths: ----------- trunk/install/install.php trunk/styles/default/install.tpl trunk/styles/default/login.tpl Modified: trunk/common.php =================================================================== --- trunk/common.php 2007-03-11 15:53:11 UTC (rev 5) +++ trunk/common.php 2007-03-11 18:12:54 UTC (rev 6) @@ -71,8 +71,8 @@ define('SESSION_LEVEL', $level); //Unload the two vars we just used as temps - $id=null; - $level=null; + unset($id); + unset($level); } //Construct and include everything needed on every page. @@ -103,7 +103,7 @@ while($temp=$db->array($query)) { //Put it in a lovely 'define' variable... - define($temp["config_name"], $temp["config_value"]); + define(strtoupper("CONFIG_" . $temp["config_name"]), $temp["config_value"]); } $temp=null; //Unload the $temp var } @@ -113,6 +113,7 @@ { $head =& new template('outer.tpl'); $head->set('level', SESSION_LEVEL); + $head->set('name', CONFIG_SITE_NAME); $head->set('content', $content); } Modified: trunk/includes/db.php =================================================================== --- trunk/includes/db.php 2007-03-11 15:53:11 UTC (rev 5) +++ trunk/includes/db.php 2007-03-11 18:12:54 UTC (rev 6) @@ -41,13 +41,13 @@ } //Connecting to the db is important - function connect() + function connect($db_server="",$db_user="",$db_password="",$db_database="",$dbms="") { //Include the config file include('../config.php'); //Connect to a MySQL database - if($dmbs == "mysql") + if($dbms == "mysql") { mysql_connect($db_server, $db_user, $db_password) or general_error("Could not connect to database"); 
@@ -55,13 +55,13 @@ } //Connect to a Postgre SQL database - else if($dmbs == "pgsql") + else if($dbms == "pgsql") { pg_connect("host=" . $db_server . " dbname=" . $db_database . " dbuser=" . $db_user . " db_password=" . $db_password) or general_error("Could not connect to database"); } } - function schema() + function schema($prefix="") { //Now we have to setup our schema layout into defined constants include('../config.php'); @@ -71,8 +71,10 @@ define('DB_PM', $prefix . "private_message"); define('DB_CONFIG', $prefix . "config"); define('DB_THEMES', $prefix . "themes"); + define('DB_SPACE', $prefix . "space"); + define('DB_BLOG', $prefix . "blogs"); } - function query($query) + function query($query="") { //Query for SQL databases @@ -84,7 +86,7 @@ } //PostgreSQL - else if($dmbs == "pgsql") + else if($dbms == "pgsql") { $_query=pg_query($query) or die("Error executing query " . $query . ": " . pg_last_error()); } Modified: trunk/includes/profile.php =================================================================== --- trunk/includes/profile.php 2007-03-11 15:53:11 UTC (rev 5) +++ trunk/includes/profile.php 2007-03-11 18:12:54 UTC (rev 6) 
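Review bot: With the variable name corrected the PostgreSQL branch can now run, but the connection string on its unchanged line uses `dbuser=` and `db_password=`, which are not libpq keywords; the expected names are `user=` and `password=`. The values are also concatenated without quoting, so a password containing a space or a quote breaks or alters the string; each value should be wrapped in single quotes with `'` and `\` backslash-escaped. In the next hunk `schema($prefix="")` still runs `include('../config.php')` after the parameter is bound, so when that file exists and sets `$prefix` the argument is overwritten, and the same applies to the new `connect()` parameters. `connect()` begins in the previous hunk.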
@@ -53,15 +53,79 @@ $outer->set('message', "Your passwords did not match"); } //Time to insert... - $_query="INSERT INTO " . DB_USERS . " VALUES('', '" . $var["username"] . "', '" . md5($var["password"]) . + $_query="INSERT INTO " . DB_USERS . " VALUES('', '1', '" . $var["username"] . "', '" . md5($var["password"]) . "', '" . $var["email"] . "', '" . $var["aim"] . "', '" . $var["msn"] . "', '" . $var["irc"] . - "', '" . $var["icq"] . "', '" . $var["yahoo"] . "', '" . $var["website"] ."');"; + "', '" . $var["icq"] . "', '" . $var["yahoo"] . "', '" . $var["website"] .", '" . time() . "');"; //Run the query $db->query($_query); + //Put some default information into his space + $_defspace="INSERT INTO `" . DB_SPACE . "` VALUES('', 'Welcome to AstroSPACES!', 'You can edit " . + "these areas and more in your edit profile page!'); + + $db->query($_defspace); + //Display a thankyou thankyou("registering", "login", "profile.php?mode=login"); } + function login() + { + //First make sure we're not logged in + if(login_check) + { + //We are, so redirect to our space + header('location: space.php'); + } + //Just display the TPL's. Pretty simple + $form =& new template('login.tpl'); + $outer =& new template('outer.tpl'); + $outer->set('content', $form); + } + function loginGo($vars) + { + if(login_check) + { + //We are, so redirect to our space + header('location: space.php'); + } + foreach($vars as $scrub) + { + $scrub=sanitize($scrub); + } + $vars["password"] = md5($password); + $_query="SELECT * FROM `" . DB_USERS . "` WHERE `password`='" . $vars["password"] . 
+ "' AND `email`=$vars["email"]"; + $_query=$db->query($_query); + if(count($db->array($_query)) < 1) + { + $form =& new template('login.tpl'); + $outer =& new template('outer.tpl'); + $outer->set('message', "Username or password incorrect."); + $outer->set('content', $form); + die(); + } + while($array=$db->array($_query)) + { + $_SESSION["id"]=$array["id"]; + $_SESSION["level"]=$array["level"]; + } + thankyou("logging in", "your space", "space.php", "go to the index", "index.php"); + } + function logout() + { + //First make sure we are logged in + if(login_check) + { + session_destroy; + unset($_SESSION); + thankyou("visting", "go to the index", "index.php"); + } + //If we're not, redirect to login + else + { + header('location: profile.php?mode=login'); + } + } } ?> \ No newline at end of file Modified: trunk/includes/template.php =================================================================== --- trunk/includes/template.php 2007-03-11 15:53:11 UTC (rev 5) +++ trunk/includes/template.php 2007-03-11 18:12:54 UTC (rev 6) @@ -58,7 +58,7 @@ } function fetch($file = null) { - $stylename = is_defined('STYLE_NAME') ? STYLE_NAME : 'default'; + $stylename = is_defined('STYLE_NAME') ? STYLE_NAME : CONFIG_DEFAULT_STYLE; if(!$file) $file = $this->file; extract($this->vars); // Extract the vars to local namespace Added: trunk/install/install.php =================================================================== --- trunk/install/install.php (rev 0) +++ trunk/install/install.php 2007-03-11 18:12:54 UTC (rev 6) 
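Review bot: `loginGo()` sends the posted fields to the database unescaped: the `foreach($vars as $scrub)` loop assigns the result of `sanitize()` to a copy and never writes it back, and `$vars["email"]` is then spliced into the WHERE clause without quotes. The password check hashes the undefined `$password` instead of `$vars["password"]`, `count($db->array($_query))` uses up the only matching row before the `while` loop can read it, and the session stores `$array["level"]` although the installer names the column `user_level`. `login_check` and `session_destroy` are written without parentheses in `login()`, `loginGo()` and `logout()`, so the check is a bare constant and the session is never destroyed, and none of the `header('location: …')` calls is followed by `exit`. Unsalted MD5 should be replaced by a salted, slow password hash, and whether `sanitize()` escapes for SQL is not visible on this page. The fence shows the credential check rewritten; the enclosing class and `regsub()` start outside the hunk.

```php
	function loginGo($vars)
	{
		global $db; // $db is not declared anywhere in the visible method body
		// … unchanged: redirect when already logged in (followed by exit) …
		foreach($vars as $key => $scrub)
		{
			//Write the cleaned value back; the by-value loop discarded it
			$vars[$key]=sanitize($scrub);
		}
		$vars["password"] = md5($vars["password"]);
		$_query="SELECT * FROM `" . DB_USERS . "` WHERE `password`='" . $vars["password"] .
			"' AND `email`='" . $vars["email"] . "'";
		$_query=$db->query($_query);
		//Fetch once: probing with count() first would use up the only row
		$array=$db->array($_query);
		if(!$array)
		{
			// … unchanged: show login.tpl with "Username or password incorrect." and die() …
		}
		$_SESSION["id"]=$array["id"];
		$_SESSION["level"]=$array["user_level"];
		// … unchanged: thankyou() call …
	}
```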
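Review bot: `fetch()` calls `is_defined('STYLE_NAME')`, which is not a PHP built-in; unless the project defines it elsewhere the changed line is a fatal error, and the built-in is `defined('STYLE_NAME')`. The `extract($this->vars)` two lines below runs after `$stylename` and `$file` are set, so a template variable named `stylename` or `file` replaces them; if those locals feed the include path further down (outside the hunk), template data can choose the file that is loaded. Passing `EXTR_SKIP` as the second argument to `extract()` keeps the existing locals intact. A comment such as `//Fall back to the style named in the config table` would document the new default.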
@@ -0,0 +1,206 @@ + +<?php +/****************************************************************************** +* install/install.php +* AstroSPACES 2 +* +* Description: install/installer.php is the installer for AstroSPACES +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id$ +* Author: $Author$ +******************************************************************************/ +define('IN_ASTRO', 1); +require("../common.php"); +require('../includes/template.php'); +//No need to construct as we don't have any DB information yet +$stage = !(empty($_REQUEST["stage"])) ? 
$_REQUEST["stage"] : 1; + +//We could use a switch here but things might get slightly confusing + +//Stage 1 -- Collect Information +if($stage=="1") +{ + //Just display the form :D + + $page =& new template('install.tpl'); + $outer =& new template('outer.tpl'); + $outer->set('content', $page); +} +else if($stage=="2") +{ + require("../includes/db.php"); + $db =& new db(); + + //Santize the information we got for db and the admin user + foreach($_POST as $scrub) + { + $scrub=sanitize($scrub); + } + + //Put all the information we got into variables + $dbms=$_POST["dbtype"]; + $db_server=$_POST["dbhost"]; + $db_user=$_POST["dbuser"]; + $db_password=$_POST["dbpass"]; + $prefix=$_POST["prefix"]; + $username=$_POST["user"]; + $password=$_POST["password"]; + $password2=$_POST["password2"]; + + //We don't need the $_POST array anymore + //So we'll unset it + unset($_POST); + + //Let's try to connect to the database + $db->connect($db_server,$db_user,$db_password,$db_database,$dbms); + $db->schema($prefix); + + //We could, so let's setup our installation queries... + $_users="CREATE TABLE IF NOT EXISTS `" . DB_USERS . "` ( + `id` int(11) NOT NULL auto_increment, + `user_level` int(1) NOT NULL default 1, + `username` text NOT NULL, + `password` text NOT NULL, + `email` varchar(25) NOT NULL, + `aim` text, + `msn` text, + `irc` text, + `irc` text, + `yahoo` text, + `website` text, + `last_login` int(15) NOT NULL default 0, + PRIMARY KEY (`id`) + ) TYPE=MyISAM AUTO_INCREMENT=1 ;"; + + $_comment="CREATE TABLE IF NOT EXISTS `" . DB_COMMENT . "` ( + `id` int(11) NOT NULL auto_increment, + `time` int(15) NOT NULL default 0, + `from` int(11) NOT NULL, + `to` int(11) NOT NULL, + `content` TEXT NOT NULL, + PRIMARY KEY (`id`) + ) TYPE=MyISAM AUTO_INCREMENT=1 ;"; + + $_friends="CREATE TABLE IF NOT EXISTS `" . DB_FRIENDS . "` ( + `from` int(11) NOT NULL, + `to` int(11) NOT NULL, + `approved` int(1) NOT NULL default 0 + ) TYPE=MyISAM ;"; + + $_pm="CREATE TABLE IF NOT EXISTS `" . DB_PM . 
"` ( + `id` int(11) NOT NULL auto_increment, + `to` int(11) NOT NULL, + `from` int(11) NOT NULL, + `time` int(15) NOT NULL default 0, + `content` text NOT NULL, + PRIMARY KEY (`id`) + ) TYPE=MyISAM AUTO_INCREMENT=1 ;"; + + $_config="CREATE TABLE IF NOT EXISTS `" . DB_CONFIG . "` ( + `config_name` text NOT NULL, + `config_value` text NOT NULL + ) TYPE=MyISAM ;"; + + $_themes="CREATE TABLE IF NOT EXISTS `" . DB_THEMES ."` ( + `id` int(11) NOT NULL auto_increment, + `name` text, + PRIMARY KEY (`id`) + ) TYPE=MyISAM AUTO_INCREMENT=1 ;"; + + $_space="CREATE TABLE IF NOT EXISTS `" . DB_SPACE . "` ( + `id` int(11) NOT NULL, + `left` text, + `right` text, + PRIMARY KEY (`id`) + ) TYPE=MyISAM AUTO_INCREMENT=1 ;"; + + $_blog="CREATE TABLE IF NOT EXISTS `" . DB_BLOG . "` ( + `by` int(11) NOT NULL, + `time` int(15) NOT NULL, + `post` text NOT NULL + ) TYPE=MyISAM ;"; + + //We've got all the queries setup -- time to run them! + //It would be more efficient to group them into one large + //query, but it'd make debugging harder. So, we'll run + //them one-by-one + + $db->query($_users); + $db->query($_comment); + $db->query($_friends); + $db->query($_pm); + $db->query($_config); + $db->query($_themes); + $db->query($_space); + $db->query($_blog); + + //Now let's register our admin user + $_reg="INSERT INTO `" . DB_USERS ."` (user_level, username, password, last_login) VALUES('2', '" . + $username . "', '" . md5($password) . "', '" . time() ."');"; + $db->query($_reg); + + //Put some default information into his space + $_defspace="INSERT INTO `" . DB_SPACE . "` VALUES('', 'Welcome to AstroSPACES!', 'You can edit " . + "these areas and more in your edit profile page!'); + + $db->query($_defspace); + + //Now let's insert some values into the config table + $_config = "INSERT INTO `" . DB_CONFIG . "` VALUES('site_name', 'AstroSPACES');"; + $_config .= " INSERT INTO `" . DB_CONFIG . "` VALUES('version', '2.0.0');"; + $_config .= " INSERT INTO `" . DB_CONFIG . 
"` VALUES('default_style', 'default');"; + $_config .= " INSERT INTO `" . DB_CONFIG . "` VALUES('created' , time());"; + $_config .= " INSERT INTO `" . DB_CONFIG . "` VALUES('time_format', 'd M Y h:i a');"; + $_config .= " INSERT INTO `" . DB_CONFIG . "` VALUES('time_offset', '0');"; + + $db->query($_config); + + //Now it's time for our default theme + $_theme="INSERT INTO `" . DB_THEMES . "` VALUES('', 'default'); + $db->query($_theme); + + //Now it's time to try and write our config file... + $config_file = " +<?php +//AstroSPACES auto-generated this file +//Do not change it unless you know what you are doing +$dbms = " . $dbms . "; +$db_server= " . $db_server . "; +$db_user= " . $db_user . "; +$db_password=" . $db_password . "; +$prefix=" . $prefix . "; +?>"; + $file="../config.php"; + if(is_writable($file)) + { + $handle=fopen('../config.php', 'w'); + if(fwrite($handle, $config_file === FALSE)) + { + general_error("Could not write config file. Please rerun installer."); + } + else + { + thankyou("installing AstroSPACES","the index","../index.php"); + } + } + else + { + general_error("Could not open config file for writing. Please ensure that" . + " is CHMOD'd 755 and rerun the installer."); + } +} +?> \ No newline at end of file Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-03-11 15:53:11 UTC (rev 5) +++ trunk/profile.php 2007-03-11 18:12:54 UTC (rev 6) @@ -50,5 +50,14 @@ case 'process': $profile->regsub($_POST); break; + case 'login': + $profile->login(); + break; + case 'loginpro': + $profile->loginGo($_POST); + break; + case 'logout': + $profile->logout(); + break; } ?> \ No newline at end of file Added: trunk/styles/default/install.tpl =================================================================== --- trunk/styles/default/install.tpl (rev 0) +++ trunk/styles/default/install.tpl 2007-03-11 18:12:54 UTC (rev 6) 
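Review bot: The generated `config.php` is assembled by splicing the posted database settings into PHP source without quoting, so whatever is typed into the form becomes code in a file that every page includes; inside the double-quoted template `$dbms = ` and the other names are also interpolated instead of being written literally. The write check is misplaced as well: `fwrite($handle, $config_file === FALSE)` writes the result of the comparison, not the file contents. Earlier in the same block the `foreach($_POST as $scrub)` loop discards what `sanitize()` returns, `$db_database` is passed to `connect()` without ever being read from the form's `dbname` field, `$password2` is never compared with `$password`, and the admin password is stored as unsalted MD5. Nothing in the visible script stops the installer from being run again on a live site, so it should refuse to proceed once `config.php` exists. The fence shows the config writer with `var_export()` quoting.

```php
	//Now it's time to try and write our config file...
	//var_export() writes each value as a quoted PHP string literal,
	//so form input cannot end the string and continue as code
	$config_file = "<?php\n" .
		"//AstroSPACES auto-generated this file\n" .
		"//Do not change it unless you know what you are doing\n" .
		'$dbms = ' . var_export($dbms, true) . ";\n" .
		'$db_server = ' . var_export($db_server, true) . ";\n" .
		'$db_user = ' . var_export($db_user, true) . ";\n" .
		'$db_password = ' . var_export($db_password, true) . ";\n" .
		'$prefix = ' . var_export($prefix, true) . ";\n" .
		"?>";
	$file="../config.php";
	// … unchanged: is_writable() check …
		$handle=fopen('../config.php', 'w');
		if(fwrite($handle, $config_file) === FALSE)
	// … unchanged: general_error() / thankyou() branches …
```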
@@ -0,0 +1,16 @@ +<form action="install.php?step=2" method="post"> +--Database Information-- + +Database Type: <select name="dbtype"><option value="mysql">MySQL</option><option value="pgsql">PostgreSQL</option></select> +Database Name: <input type="text" name="dbname"> +Database Username: <input type="text" name="dbuser"> +Database Password: <input type="text" name="dbpass"> +Database Host: <input type="text" name="dbhost"> +Table Prefix: <input type="text" name="prefix" value="astro_"> + +--Admin Account-- +Username: <input type="text" name="user"> +Password: <input type="text" name="password"> +Password [Confirm]: <input type="text" name="password2"> +<input type="submit" name="install" value="Install"> +</form> \ No newline at end of file Added: trunk/styles/default/login.tpl =================================================================== --- trunk/styles/default/login.tpl (rev 0) +++ trunk/styles/default/login.tpl 2007-03-11 18:12:54 UTC (rev 6) @@ -0,0 +1,2 @@ +Email Address: <input type="text" name="email"> +Password: <input type="password" name="password"> \ No newline at end of file Modified: trunk/styles/default/outer.tpl =================================================================== --- trunk/styles/default/outer.tpl 2007-03-11 15:53:11 UTC (rev 5) +++ trunk/styles/default/outer.tpl 2007-03-11 18:12:54 UTC (rev 6) @@ -1,6 +1,6 @@ <html> <head> - <title>AstroSPACES</title> + <title><?php echo $name; ?></title> <meta name="generator" content="Bluefish 1.0.6"> <style type="text/css"> @import('style.css'); 
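Review bot: The form posts to `install.php?step=2`, but install.php selects its branch from `$_REQUEST["stage"]`, so submitting the form shows stage 1 again; the action should read `install.php?stage=2`. The database password and both admin password inputs are `type="text"`, which shows them on screen and lets the browser keep them in form history; use `type="password"` for `dbpass`, `password` and `password2`. The `dbname` field is collected here but the installer never reads it.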
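Review bot: login.tpl holds two inputs but no `<form>` element or submit button, and `login()` places this template straight into outer.tpl, so as far as the visible templates show nothing ever posts to the `loginpro` mode. Wrap the fields in `<form action="profile.php?mode=loginpro" method="post">` and add a submit input. POST is the right method here because `loginGo()` is handed `$_POST` and credentials should stay out of the URL.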
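Review bot: The new `<title>` echoes `$name` from the config table without HTML escaping, so a site name containing `<` or `&` breaks the page and any markup stored in that row is rendered as markup. Write `<title><?php echo htmlspecialchars($name, ENT_QUOTES); ?></title>`. The value comes from `CONFIG_SITE_NAME`, which is undefined when the config row is missing; whether common.php handles that case is outside the hunk.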
@@ -11,9 +11,14 @@ <!--All Users--> <a href="index.php">Home</a> <!--/All Users--> + <!--Unauth'd Only--> + <?php if($level==-1) { ?> + <a href="profile.php?mode=login">Login</a> + <?php } ?> + <!--/Unauth'd Only--> <!--Auth'd Only--> <?php if($level>-1) { ?> - <!--Links here--> + <a href="profile.php?mode=logout">Logout</a> <?php } ?> <!--/Auth'd Only--> <!--Admin--> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <p3...@us...> - 2007-03-13 02:09:19
|
Revision: 7 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=7&view=rev Author: p3net Date: 2007-03-12 19:09:20 -0700 (Mon, 12 Mar 2007) Log Message: ----------- -Add the brains of the operating (space.php) -Modify the header on the top of includes/template.php, includes/profile.php, includes/db.php, install/install.php, profile.php, index.php, and common.php so hopefully it appears right. -Add a few functions to common.php (get_username_by_id() and get_icon_by_id()) -Add a few more columns to the users table (install/install.php) -Update includes/profile.php to respect the above change Modified Paths: -------------- trunk/common.php trunk/includes/db.php trunk/includes/profile.php trunk/includes/template.php trunk/index.php trunk/install/install.php trunk/profile.php Added Paths: ----------- trunk/space.php Modified: trunk/common.php =================================================================== --- trunk/common.php 2007-03-11 18:12:54 UTC (rev 6) +++ trunk/common.php 2007-03-13 02:09:20 UTC (rev 7) @@ -22,7 +22,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* ID: $Id$ +* ID: $Id: $ * Author: $Author$ ******************************************************************************/ 
@@ -163,4 +163,22 @@ $outer =& new template('outer.tpl'); $outer->set('content', $thnx); } +function redirect($to) +{ + header('location: ' . $to); +} +function get_username_by_id($id) +{ + $_query="SELECT `username` FROM " . DB_USERS . " WHERE `id`='" . $id . "'"; + $_query=$db->query($_query); + $_query=$db->array($_query); + return $_query["username"]; +} +function get_icon_by_id($id) +{ + $_query="SELECT `icon` FROM " . DB_USERS . "WHERE `id`='" . $id . "'"; + $_query=$db->query($_query); + $_query=$db->array($_query); + return $_query["icon"]; +} ?> \ No newline at end of file Modified: trunk/includes/db.php =================================================================== --- trunk/includes/db.php 2007-03-11 18:12:54 UTC (rev 6) +++ trunk/includes/db.php 2007-03-13 02:09:20 UTC (rev 7) @@ -21,7 +21,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* ID: $Id:$ +* ID: $Id: $ * Author: $Author:$ ******************************************************************************/ Modified: trunk/includes/profile.php =================================================================== --- trunk/includes/profile.php 2007-03-11 18:12:54 UTC (rev 6) +++ trunk/includes/profile.php 2007-03-13 02:09:20 UTC (rev 7) @@ -20,7 +20,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* ID: $Id$ +* ID: ID: $Id: $ * Author: $Author$ ******************************************************************************/ class profile() 
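Review bot: `redirect()` sends the Location header but does not stop the script, so every caller goes on to run the code it meant to protect; add `exit;` after the `header()` call. `get_username_by_id()` and `get_icon_by_id()` use `$db` without `global $db;`, and both splice `$id` into the SQL unchanged, so cast it first with `$id=(int)$id;`. In `get_icon_by_id()` the string `DB_USERS . "WHERE` lacks a space before `WHERE`, which glues the keyword onto the table name. A one-line comment on each helper saying that it returns a single column for one user id would cover the missing documentation.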
@@ -54,15 +54,15 @@ } //Time to insert... $_query="INSERT INTO " . DB_USERS . " VALUES('', '1', '" . $var["username"] . "', '" . md5($var["password"]) . - "', '" . $var["email"] . "', '" . $var["aim"] . "', '" . $var["msn"] . "', '" . $var["irc"] . - "', '" . $var["icq"] . "', '" . $var["yahoo"] . "', '" . $var["website"] .", '" . time() . "');"; + "', '" . $var["email"] . "', '../default.gif', '" . $var["aim"] . "', '" . $var["msn"] . "', '" . $var["irc"] . + "', '" . $var["icq"] . "', '" . $var["yahoo"] . "', '" . $var["website"] .", 'default', '" . time() . "');"; //Run the query $db->query($_query); //Put some default information into his space $_defspace="INSERT INTO `" . DB_SPACE . "` VALUES('', 'Welcome to AstroSPACES!', 'You can edit " . - "these areas and more in your edit profile page!'); + "these areas and more in your edit profile page!"); $db->query($_defspace); Modified: trunk/includes/template.php =================================================================== --- trunk/includes/template.php 2007-03-11 18:12:54 UTC (rev 6) +++ trunk/includes/template.php 2007-03-13 02:09:20 UTC (rev 7) @@ -23,7 +23,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* ID: $Id$ +* ID: $Id: $ * Author: $Author$ ******************************************************************************/ Modified: trunk/index.php =================================================================== --- trunk/index.php 2007-03-11 18:12:54 UTC (rev 6) +++ trunk/index.php 2007-03-13 02:09:20 UTC (rev 7) 
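Review bot: The changed `$_defspace` line swaps the final `'` for `"`, which closes the PHP string but leaves the SQL literal and the `VALUES(` list open; the line should end `profile page!');";`. The same edit is made in the `@@ -155,7 +157,7 @@` hunk of install/install.php. In the user INSERT above it, `$var["website"] .", 'default'` is missing the closing quote after the website value (it should read `. "', 'default', '"`), and the statement relies on column position rather than naming its columns, so every schema change in install.php has to be mirrored here by hand. The `$var` fields come from the registration form; whether they are escaped is decided earlier in `regsub()`, outside the hunk.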
@@ -21,7 +21,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* ID: $Id$ +* ID: $Id: $ * Author: $Author$ ******************************************************************************/ Modified: trunk/install/install.php =================================================================== --- trunk/install/install.php 2007-03-11 18:12:54 UTC (rev 6) +++ trunk/install/install.php 2007-03-13 02:09:20 UTC (rev 7) @@ -76,23 +76,25 @@ `username` text NOT NULL, `password` text NOT NULL, `email` varchar(25) NOT NULL, + `icon` varchar(25) NOT NULL, `aim` text, `msn` text, `irc` text, `irc` text, `yahoo` text, `website` text, + `theme` text, `last_login` int(15) NOT NULL default 0, PRIMARY KEY (`id`) ) TYPE=MyISAM AUTO_INCREMENT=1 ;"; $_comment="CREATE TABLE IF NOT EXISTS `" . DB_COMMENT . "` ( - `id` int(11) NOT NULL auto_increment, + `comm_id` int(11) NOT NULL auto_increment, `time` int(15) NOT NULL default 0, - `from` int(11) NOT NULL, - `to` int(11) NOT NULL, - `content` TEXT NOT NULL, - PRIMARY KEY (`id`) + `comm_from` int(11) NOT NULL, + `comm_to` int(11) NOT NULL, + `comm_content` TEXT NOT NULL, + PRIMARY KEY (`comm_id`) ) TYPE=MyISAM AUTO_INCREMENT=1 ;"; $_friends="CREATE TABLE IF NOT EXISTS `" . DB_FRIENDS . "` ( @@ -155,7 +157,7 @@ //Put some default information into his space $_defspace="INSERT INTO `" . DB_SPACE . "` VALUES('', 'Welcome to AstroSPACES!', 'You can edit " . - "these areas and more in your edit profile page!'); + "these areas and more in your edit profile page!"); $db->query($_defspace); Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-03-11 18:12:54 UTC (rev 6) +++ trunk/profile.php 2007-03-13 02:09:20 UTC (rev 7) 
@@ -20,7 +20,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* ID: $Id$ +* ID: $Id: $ * Author: $Author$ ******************************************************************************/ //Setup everything we need Added: trunk/space.php =================================================================== --- trunk/space.php (rev 0) +++ trunk/space.php 2007-03-13 02:09:20 UTC (rev 7) 
@@ -0,0 +1,158 @@ +<?php +/****************************************************************************** +* space.php +* AstroSPACES 2 +* +* Description: space.php is essentially the brains of the operation. It handles +* the display of a users space... and really, that's about it. +* However, this being the script that it is, that's fairly +* important. +* +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +* +* ID: $Id: $ +* Author: $Author$ +******************************************************************************/ + +//The things we need on everything! +define('IN_ASTRO', 1); +require('common.php'); +construct(); + +//What's our ID? +$id = $_REQUEST["id"]; + +//Let's see if it's empty +if(empty($_REQUEST["id"])) +{ + //It is. Let's see if we're logged in... + if(login_check) + { + //We are, so set the ID to our session ID! + $id = SESSION_ID; + } + else + { + //We're not, so redirect to login + redirect('profile.php?mode=login'); + } +} +//Get all of our info from the users, friends, and space table, etc. +//This is going to be a big JOIN query. Let's hope it works... +$_query="SELECT " . DB_USERS . ".id, " . DB_USERS . ".username, " . + DB_USERS . ".theme, " . DB_USERS . ".icon" . + " DB_USERS . ".last_login, " . + DB_SPACE . ".left, " . DB_SPACE . ".right , " . + DB_FRIENDS . ".to, " . DB_FRIENDS . 
".from , ". + DB_FRIENDS . ".approved, " " . DB_COMMENTS . + ".comm_id, " . DB_COMMENTS . ".time, " . DB_COMMENTS . + ".to, " . DB_COMMENTS . ".comm_from, " . DB_COMMENTS . + ".comm_to, " . DB_COMMENTS . ".comm_content FROM " . DB_USERS . + " JOIN " . DB_SPACE . " ON " . DB_USERS . ".id = " . DB_SPACE . + ".id JOIN " . DB_FRIENDS . " ON " . DB_SPACE . + ".id = " . DB_FRIENDS . ".to OR " . DB_SPACE . + ".id = " . DB_FRIENDS . ".from AND " . + DB_FRIENDS . ".approved = 1 LIMIT 10 JOIN " . DB_COMMENTS . + " ON DB_USERS . ".id = " . DB_COMMENTS . ".to ORDER BY " . + DB_COMMENTS . ".id DESC;"; +//Wow, I can't believe I just wrote that. Anyway, time to run it +$_query=$db->query($_query); //If this doesn't error out I will be amazed + +//NEIL PEART'S GHOST! IT WORKED! (Wait, he isn't dead yet...) +//Note: Bonus points to the first user who knows who Neil Peart is + +//Initialize our template so we can assign stuff in the next loop +$space =& new template('space.tpl'); +//OK, now it's time to sort through that mess... + +$i=0; +$j=0; +while($array=$db->array($_query)) +{ + //First, we're going to get a few things that won't change + //Make sure we only do this once to conserve resources + if($i==0) + { + $space->set('id', $array["id"]); + $space->set('username', $array["username"]); + $space->set('theme' , $array["theme"]); + $space->set('last_login', $array["last_login"]); + $space->set('space_left', $array["left"]); + $space->set('space_right', $array["right"]); + $space->set('icon', $array["icon"]); + + //Finally, increment the value of $i so we don't do this + //again + $i++; + } + //Whoo... OK... time to get our hands dirty! + + //First: Friends, Second: Comments + if($array["to"] == $id) + { + $friends_id[$j]=$array["to"]; + } + else + { + $friends_id[$j]=$array["from"]; + } + + //Next: Comments (these will be fun...) 
+ $comments_from[$j]=$array["comm_from"]; + $comments_content[$j]=$array["comm_content"]; + $comm_time[$j]=$array["time"]; + + //Now we need to do some lookup stuff (ie, put a username to these ID's) + $comments_from_username[$j]=get_username_by_id($comments_from[$j]); + $friends_username[$j]=get_username_by_id($friends_id[$j]); + $comments_from_icon[$j]=get_icon_by_id($comments_from[$j]); + $friends_icon[$j]=get_icon_by_id($friends_id[$j]); + $j++; +} +//Now we need to look up some permission stuff (ie, if a user is our friend) +if(login_check) //Why can't I remember the name of this function? +{ + //See if this is your space + if($id=SESSION_ID) + { + $space->set('owner', 1); + } + //Are you a friend? + foreach($friends_id as $friend) + { + if($friend == SESSION_ID) + { + $space->set('friend', 1); + } + } +} +//Now it's time to assign some of our vars from up above +$space->set('from_username', $comments_from_username); //Comment author +$space->set('from_id', $comments_from); //Comment author ID +$space->set('from_icon', $comments_from_icon); //Comment author icon +$space->set('friend', $friends_username); //Friend's Username +$space->set('friend_id', $friends_id); //Friend's ID +$space->set('friend_icon', $friends_icon); //Friend's Icon + +//Now it's time to finish the template +$outer =& new template('outer.tpl'); +$outer->set('content', $space); + +// +///That's all, folks! +// $Id :$ +?> +?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
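Review bot: The owner check `if($id=SESSION_ID)` assigns instead of comparing, so every logged-in visitor is flagged as `owner` of whatever space is being viewed; it should be `if($id==SESSION_ID)`. The requested `$id` is never used in the SELECT, which has no WHERE clause, and `login_check` is written without parentheses in both places, so it is a bare constant rather than a call. The query string itself does not parse (`" DB_USERS . ".last_login`, `.approved, " " .`, `" ON DB_USERS . ".id`) and refers to `DB_COMMENTS`, while install.php uses `DB_COMMENT` and the `schema()` lines shown on this page define no such name. `$space->set('friend', …)` is called twice, so the friend flag is overwritten by the username array, and `redirect()` is not followed by `exit`.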
From: <p3...@us...> - 2007-03-15 03:23:08
|
Revision: 9 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=9&view=rev Author: p3net Date: 2007-03-14 20:23:04 -0700 (Wed, 14 Mar 2007) Log Message: ----------- -Edit profile function -Create a TODO so I can remember what I need to do -See the TODO to find out: --Need to create a space.tpl (anyone wanna help?) --Need to create a edit_profile.tpl (any takers?) Modified Paths: -------------- trunk/includes/profile.php trunk/install/install.php trunk/profile.php trunk/space.php trunk/styles/default/outer.tpl Modified: trunk/includes/profile.php =================================================================== --- trunk/includes/profile.php 2007-03-13 02:20:58 UTC (rev 8) +++ trunk/includes/profile.php 2007-03-15 03:23:04 UTC (rev 9) @@ -20,7 +20,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * -* ID: ID: $Id: $ +* ID: $Id: $ * Author: $Author$ ******************************************************************************/ class profile() 
@@ -127,5 +127,45 @@ header('location: profile.php?mode=login'); } } + function edit() + { + //Make sure we are logged in + if(!login_check) + { + redirect("profile.php?mode=register"); + } + //Get all of our profile information + $_query="SELECT " . DB_USERS . ".*, " . DB_SPACES . ".* FROM " . DB_USERS . + " JOIN " . DB_SPACES . " ON " . DB_USERS . ".id = " . DB_SPACES . ".id;"; + + $_query=$db->query($_query); + $_query=$db->array($_query); + + //Time to TPL assign! + $page =& new template('edit_profile.tpl'); + $outer =& new template('outer.tpl'); + + $page->set('username', $_query["username"]); + $page->set('aim', $_query["aim"]); + $page->set('msn', $_query["msn"]); + $page->set('irc', $_query["irc"]); + $page->set('icq', $_query["icq"]); + $page->set('yahoo', $_query["yahoo"]); + $page->set('website', $_query["website"]); + $page->set('theme', $_query["themes"]); + + //Theme list + $_themes="SELECT * FROM " . DB_THEMES; + $_themes=$db->query($_themes); + + $i=0; + while($temp==$db->array($_themes)) + { + $themes[$i]=$temp["name"]; + } + $page->set('themes', $themes); + + $outer->set('content', $page); + } } ?> \ No newline at end of file Modified: trunk/install/install.php =================================================================== --- trunk/install/install.php 2007-03-13 02:20:58 UTC (rev 8) +++ trunk/install/install.php 2007-03-15 03:23:04 UTC (rev 9) @@ -80,7 +80,7 @@ `aim` text, `msn` text, `irc` text, - `irc` text, + `icq` text, `yahoo` text, `website` text, `theme` text, Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-03-13 02:20:58 UTC (rev 8) +++ trunk/profile.php 2007-03-15 03:23:04 UTC (rev 9) 
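Review bot: `edit()` selects from the users and space tables with no WHERE clause, so the form is filled with whichever row the database returns first rather than the logged-in user's; append `" WHERE " . DB_USERS . ".id = '" . SESSION_ID . "'"` before the terminating semicolon. The login guard does not protect the method either: `login_check` lacks parentheses and `redirect()` does not exit, so execution continues into the query. `DB_SPACES` is not among the constants `schema()` defines (it defines `DB_SPACE`), the result key read is `themes` while the column is `theme`, and the theme loop uses `==` where `=` is meant and never increments `$i`.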
@@ -59,5 +59,8 @@ case 'logout': $profile->logout(); break; + case 'edit': + $profile->edit(); + break; } ?> \ No newline at end of file Modified: trunk/space.php =================================================================== --- trunk/space.php 2007-03-13 02:20:58 UTC (rev 8) +++ trunk/space.php 2007-03-15 03:23:04 UTC (rev 9) @@ -154,5 +154,4 @@ // ///That's all, folks! // $Id :$ -?> ?> \ No newline at end of file Modified: trunk/styles/default/outer.tpl =================================================================== --- trunk/styles/default/outer.tpl 2007-03-13 02:20:58 UTC (rev 8) +++ trunk/styles/default/outer.tpl 2007-03-15 03:23:04 UTC (rev 9) @@ -19,6 +19,7 @@ <!--Auth'd Only--> <?php if($level>-1) { ?> <a href="profile.php?mode=logout">Logout</a> + <a href="space.php">View Your Space</a> <?php } ?> <!--/Auth'd Only--> <!--Admin--> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <p3...@us...> - 2007-03-18 12:29:19
|
Revision: 11 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=11&view=rev Author: p3net Date: 2007-03-17 09:46:30 -0700 (Sat, 17 Mar 2007) Log Message: ----------- -Display our space -Add headline to the database (how did I forget that?) -Blank edit_profile.tpl -Edit our TODO to reflect the fact that we now have (somewhat of a) space put together Modified Paths: -------------- trunk/TODO.txt trunk/includes/profile.php trunk/install/install.php trunk/space.php trunk/styles/default/edit_profile.tpl trunk/styles/default/space.tpl Modified: trunk/TODO.txt =================================================================== --- trunk/TODO.txt 2007-03-17 06:04:26 UTC (rev 10) +++ trunk/TODO.txt 2007-03-17 16:46:30 UTC (rev 11) @@ -1,4 +1,4 @@ TODO: ---Make space.tpl (see space.php for the variables) +--Edit space.tpl after we have all of our functions done (add comment, send PM, add friend, etc) --Make edit_profile.tpl (see includes/profile.php for the variables) \ No newline at end of file Modified: trunk/includes/profile.php =================================================================== --- trunk/includes/profile.php 2007-03-17 06:04:26 UTC (rev 10) +++ trunk/includes/profile.php 2007-03-17 16:46:30 UTC (rev 11) @@ -54,7 +54,7 @@ } //Time to insert... $_query="INSERT INTO " . DB_USERS . " VALUES('', '1', '" . $var["username"] . "', '" . md5($var["password"]) . - "', '" . $var["email"] . "', '../default.gif', '" . $var["aim"] . "', '" . $var["msn"] . "', '" . $var["irc"] . + "', '', '" . $var["email"] . "', '../default.gif', '" . $var["aim"] . "', '" . $var["msn"] . "', '" . $var["irc"] . "', '" . $var["icq"] . "', '" . $var["yahoo"] . "', '" . $var["website"] .", 'default', '" . time() . "');"; //Run the query Modified: trunk/install/install.php =================================================================== --- trunk/install/install.php 2007-03-17 06:04:26 UTC (rev 10) +++ trunk/install/install.php 2007-03-17 16:46:30 UTC (rev 11) 
@@ -75,6 +75,7 @@ `user_level` int(1) NOT NULL default 1, `username` text NOT NULL, `password` text NOT NULL, + `headline` text NOT NULL, `email` varchar(25) NOT NULL, `icon` varchar(25) NOT NULL, `aim` text, Modified: trunk/space.php =================================================================== --- trunk/space.php 2007-03-17 06:04:26 UTC (rev 10) +++ trunk/space.php 2007-03-17 16:46:30 UTC (rev 11) @@ -54,7 +54,7 @@ //This is going to be a big JOIN query. Let's hope it works... $_query="SELECT " . DB_USERS . ".id, " . DB_USERS . ".username, " . DB_USERS . ".theme, " . DB_USERS . ".icon" . - " DB_USERS . ".last_login, " . + " DB_USERS . ".last_login, " . DB_USERS . ".headline, " . DB_SPACE . ".left, " . DB_SPACE . ".right , " . DB_FRIENDS . ".to, " . DB_FRIENDS . ".from , ". DB_FRIENDS . ".approved, " " . DB_COMMENTS . @@ -93,6 +93,7 @@ $space->set('space_left', $array["left"]); $space->set('space_right', $array["right"]); $space->set('icon', $array["icon"]); + $space->set('headline', $array["headline"]); //Finally, increment the value of $i so we don't do this //again @@ -143,6 +144,8 @@ $space->set('from_username', $comments_from_username); //Comment author $space->set('from_id', $comments_from); //Comment author ID $space->set('from_icon', $comments_from_icon); //Comment author icon +$space->set('comm_content', $comments_content); //Comment content +$space->set('time', date($comm_time)); //Comment time $space->set('friend', $friends_username); //Friend's Username $space->set('friend_id', $friends_id); //Friend's ID $space->set('friend_icon', $friends_icon); //Friend's Icon Modified: trunk/styles/default/edit_profile.tpl =================================================================== --- trunk/styles/default/edit_profile.tpl 2007-03-17 06:04:26 UTC (rev 10) +++ trunk/styles/default/edit_profile.tpl 2007-03-17 16:46:30 UTC (rev 11) 
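Review bot: In the `@@ -143,6 +144,8 @@` hunk of space.php, `date($comm_time)` passes the whole array of comment timestamps as the format argument, so `time` is not a list of formatted dates and space.tpl's `$time[$i]` has nothing sensible to print. Format each entry inside the fetch loop instead, `$comm_time[$j]=date(CONFIG_TIME_FORMAT, $array["time"]);`, and pass `$comm_time` to the template unchanged. `CONFIG_TIME_FORMAT` is the constant common.php derives from the `time_format` row the installer inserts.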
@@ -1,8 +0,0 @@ -<html> - <head> - <title></title> - <meta content=""> - <style></style> - </head> - <body></body> -</html> \ No newline at end of file Modified: trunk/styles/default/space.tpl =================================================================== --- trunk/styles/default/space.tpl 2007-03-17 06:04:26 UTC (rev 10) +++ trunk/styles/default/space.tpl 2007-03-17 16:46:30 UTC (rev 11) @@ -1,8 +1,36 @@ -<html> - <head> - <title></title> - <meta content=""> - <style></style> - </head> - <body></body> -</html> \ No newline at end of file +<div id="left"> + <?php echo $username; ?><br> + "<?php echo $headline; ?>"<br> + <img src="uploads/<?php echo $id; ?>/<?php echo $icon; ?>"><br> + <!-- Links to do stuff go here --> + <?php echo $space_left; ?> +</div> +<div id="right"> + <?php echo $space_right; ?><br> + <!-- BEGIN friends --> + <?php + $i=0; + for($i, $i<count($friends_username), $i++) + { ?> + <a href="space.php?id=<?php echo $friend_id[$i]; ?>"><img src="/uploads/<?php echo $friend_id[$i]; ?>/<?php echo $friend_icon[$i]; ?> + $nbsp;<?php echo $friend[$i]; ?><br> + <?php } ?> + <!-- END friends --> + <!-- BEGIN comments --> + <table> + <?php + $i=0; + for($i, $i<count($from_id), $i++) + { ?> + <tr> + <td> + <a href="space.php?id=<?php echo $from_id[$i]; ?>"><?php echo $from_username[$i]; ?></a><br> + <?php echo $time[$i]; ?><br> + <img src="/uploads/<?php echo $from_id[$i]; ?>/<?php echo $from_icon[$i]; ?>"> + </td> + <td> + <?php echo $comm_content[$i]; ?> + </td> + </tr> + <?php } ?> +</div> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
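Review bot: Every value in the new space.tpl (`$username`, `$headline`, `$icon`, `$friend[$i]`, `$from_username[$i]`, `$comm_content[$i]`) is written with a bare `echo`, so profile and comment text supplied by one user is rendered as markup in every visitor's browser. Wrap text and attribute values in `htmlspecialchars($value, ENT_QUOTES)`, and decide explicitly whether `$space_left` and `$space_right` are meant to carry HTML; if they are, they need an allowlist filter rather than raw output. Separately, both loops are written `for($i, $i<count(...), $i++)` with commas where `for` needs semicolons, the first loop counts `$friends_username` while its body indexes `$friend`, the friend `<img>` tag is never closed, `$nbsp;` should be `&nbsp;`, and `<table>` has no `</table>`.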
From: <p3...@us...> - 2007-03-18 22:09:41
|
Revision: 12 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=12&view=rev Author: p3net Date: 2007-03-17 12:55:05 -0700 (Sat, 17 Mar 2007) Log Message: ----------- -Rename edit_profile.tpl by accident :D -Create editprofile script (processor) --Upload icons included! -Edit TODO -Hope everything works... Modified Paths: -------------- trunk/TODO.txt trunk/includes/profile.php trunk/profile.php Added Paths: ----------- trunk/styles/default/editprofile.tpl Removed Paths: ------------- trunk/styles/default/edit_profile.tpl Modified: trunk/TODO.txt =================================================================== --- trunk/TODO.txt 2007-03-17 16:46:30 UTC (rev 11) +++ trunk/TODO.txt 2007-03-17 19:55:05 UTC (rev 12) @@ -1,4 +1,6 @@ TODO: --Edit space.tpl after we have all of our functions done (add comment, send PM, add friend, etc) ---Make edit_profile.tpl (see includes/profile.php for the variables) \ No newline at end of file +--Add as friend function +--Comment function +--PM function \ No newline at end of file Modified: trunk/includes/profile.php =================================================================== --- trunk/includes/profile.php 2007-03-17 16:46:30 UTC (rev 11) +++ trunk/includes/profile.php 2007-03-17 19:55:05 UTC (rev 12) @@ -142,10 +142,11 @@ $_query=$db->array($_query); //Time to TPL assign! - $page =& new template('edit_profile.tpl'); + $page =& new template('editprofile.tpl'); $outer =& new template('outer.tpl'); $page->set('username', $_query["username"]); + $page->set('headline', $_query["headline"]); $page->set('aim', $_query["aim"]); $page->set('msn', $_query["msn"]); $page->set('irc', $_query["irc"]); 
@@ -153,6 +154,10 @@ $page->set('yahoo', $_query["yahoo"]); $page->set('website', $_query["website"]); $page->set('theme', $_query["themes"]); + $page->set('space_left', $_query["space_left"]); + $page->set('space_right', $_query["space_right"]); + $page->set('icon', $_query["icon"]); + $page->set('id', $_query["id"]); //Theme list $_themes="SELECT * FROM " . DB_THEMES; 
@@ -167,5 +172,85 @@ $outer->set('content', $page); } + function update($var, $_FILES) + { + //Are we logged in? + if(!logged_in()) + { + redirect('?mode=login'); + } + //Are we updating our space? + if(SESSION_ID != $var["id"]) + { + die("Hacking attempt"); + } + //Before we do anything, we need to move our icon + //if we updated it. We are going to set every + //new icon as our default image, but we can + //change that later... + + if(!(empty($_FILES) && preg_match("/^image/", $_FILES['uploadedfile']['type'])) + { + $target_path="../uploads/"; + + $ext=substr(basename($_FILES['uploadedfile']['tmpname'], strrpos($_FILES['uploadedfile']['tmpname'], '.') + 1); + $name=rand(1,100000000); + $name .= "." . $ext; + + $target_path = $target_path . $name); + if(!move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) + { + die("Icon could not be uploaded"); + } + } + + $update["user"]["fields"]=array( + 'username', + 'headline', + 'aim', + 'msn', + 'irc', + 'icq', + 'website', + 'yahoo', + 'theme', + 'icon'); + $update["space"]["fields"]=array( + 'space_left', + 'space_right'); + + $update["user"]["values"]=array( + $var["username"], + $var["headline"], + $var["aim"], + $var["msn"], + $var["irc"], + $var["icq"], + $var["yahoo"], + $var["website"], + $var["theme"]); + if(!(empty($_FILES["uploadedfile"]["tmpname"]))) $update["users"]["values"][]=$name; + + $update["space"]["fields"]=array( + $var["space_left"], + $var["space_right"]); + + $i=0; + for($i, $i<count($update["users"]["values"]), $i++) + { + $_query .= "UPDATE " . DB_USERS . " SET `" . $update["users"]["fields"][$i] . + "`='" . $update["users"]["values"][$i] . "' WHERE `id`='" . $var["id"] . + " LIMIT 1;"; + } + $i=0; + for($i, $i<count($update["space"]["fields"]), $i++) + { + $_query .= "UPDATE " . DB_SPACE . " SET `" . $update["space"]["fields"][$i] . + "`='" . $update["space"]["values"][$i] . "' WHERE `id`='" . $var["id"] . 
+ " LIMIT 1;"; + } + $db->query($_query); + thankyou("updating your profile", "to your space", "space.php"); + } } ?> \ No newline at end of file Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-03-17 16:46:30 UTC (rev 11) +++ trunk/profile.php 2007-03-17 19:55:05 UTC (rev 12) @@ -62,5 +62,8 @@ case 'edit': $profile->edit(); break; + case 'update': + $profile->update($_POST, $_FILES); + break; } ?> \ No newline at end of file Deleted: trunk/styles/default/edit_profile.tpl =================================================================== Added: trunk/styles/default/editprofile.tpl =================================================================== --- trunk/styles/default/editprofile.tpl (rev 0) +++ trunk/styles/default/editprofile.tpl 2007-03-17 19:55:05 UTC (rev 12) 
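Review bot: The icon upload in `update()` lets client-supplied data decide what is stored under the web-served `uploads/` directory: the check reads the browser-sent `$_FILES['uploadedfile']['type']`, the extension is copied from a submitted name (through the misspelled key `tmpname`), and the condition `if(!(empty($_FILES) && preg_match(...))` is both unbalanced and inverted. Decide the type from the file contents with `getimagesize()`, map it to a fixed extension, and confirm `is_uploaded_file()` before moving the file, as sketched below. The SQL half has independent problems: the arrays are filled under `$update["user"]` but read under `$update["users"]`, the space values are assigned to `fields` a second time so `values` is never set, `website` and `yahoo` are in a different order in the field and value lists, all values are concatenated unescaped, and the `WHERE` clause never closes the quote opened before `$var["id"]`. `$_FILES` cannot be used as a parameter name on PHP 5.4 and later, and `$db` is not in scope inside the method.

```php
// … unchanged: logged_in() and SESSION_ID checks …
$name = null;
if(!empty($_FILES['uploadedfile']['tmp_name']) && is_uploaded_file($_FILES['uploadedfile']['tmp_name']))
{
    // Decide the type from the file contents, never from the client-sent MIME type or name
    $allowed = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
    $info = getimagesize($_FILES['uploadedfile']['tmp_name']);
    if($info === false || !isset($allowed[$info[2]]))
    {
        die("Icon must be a GIF, JPEG or PNG image");
    }
    // Server-chosen name and extension; the random part only has to be unique
    $name = md5(uniqid(mt_rand(), true)) . "." . $allowed[$info[2]];
    $target_path = "../uploads/" . $name;
    if(!move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path))
    {
        die("Icon could not be uploaded");
    }
}
// … unchanged: $update field/value arrays and UPDATE loops …
```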
@@ -0,0 +1,25 @@ +<form action="?mode=update" method="post"> +<input type="hidden" name="id" value="<?php echo $id; ?>"> +Username: <input type="text" name="username" value="<?php echo $username; ?>"><br> +Headline: <input type="text" name="headline" value="<?php echo $headline; ?>"><br> +AIM: <input type="text" name="aim" value="<?php echo $aim; ?>"><br> +MSN: <input type="text" name="msn" value="<?php echo $msn; ?>"><br> +IRC: <input type="text" name="irc" value="<?php echo $irc; ?>"><br> +ICQ: <input type="text" name="icq" value="<?php echo $icq; ?>"><br> +Yahoo!: <input type="text" name="yahoo" value="<?php echo $yahoo; ?>"><br> +Website: <input type="text" name="website" value="<?php echo $website; ?>"><br> +Theme: <select name="theme"> + <?php + foreach($themes as $theme_arr) + { + $selected = ($theme == $theme_arr) : 'selected="selected"' ? ''; + echo "<option name=\"" . $theme_arr . "\" " . $selected . ">" . $theme_arr . "</option>"; + } + ?> + </select> +<br> +Space (Left): <textarea rows="6" cols="60"><?php echo $space_left; ?></textarea><br> +Space (Right): <textarea rows="60" cols="60"><?php echo $space_right; ?></textarea><br> +<input type="hidden" name="MAX_FILE_SIZE" value="100000"> +Upload an Icon: <input type="file" name="uploadedfile"><br> +<input type="submit" value="Update"></form> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
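Review bot: The form is declared as `<form action="?mode=update" method="post">` without `enctype="multipart/form-data"`, so the `uploadedfile` input never reaches `$_FILES`, and neither `<textarea>` has a `name`, so `space_left` and `space_right` are never submitted. The theme line `$selected = ($theme == $theme_arr) : 'selected="selected"' ? '';` has `?` and `:` swapped and should be `$selected = ($theme == $theme_arr) ? 'selected="selected"' : '';`. Every `value="<?php echo ...; ?>"` attribute prints a stored profile field unescaped; wrap them in `htmlspecialchars(..., ENT_QUOTES)` so a quote in a field cannot end the attribute. The form carries no per-session token, so `?mode=update` would accept a post originating from another site, and `MAX_FILE_SIZE` is only a browser hint, so the size limit has to be enforced server-side as well.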
From: <p3...@us...> - 2007-03-18 23:13:31
|
Revision: 15 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=15&view=rev Author: p3net Date: 2007-03-18 10:42:04 -0700 (Sun, 18 Mar 2007) Log Message: ----------- -Finish friend request function --Request list --Accept friend --Count on your space -Edit space.tpl to include a few things --If friend ---Add comment --If owner ---Edit Space ---View pending requests -Edit TODO to update all the changes Modified Paths: -------------- trunk/TODO.txt trunk/includes/profile.php trunk/profile.php trunk/space.php trunk/styles/default/space.tpl Added Paths: ----------- trunk/styles/default/comment.tpl trunk/styles/default/friend_list.tpl Modified: trunk/TODO.txt =================================================================== --- trunk/TODO.txt 2007-03-18 00:29:04 UTC (rev 14) +++ trunk/TODO.txt 2007-03-18 17:42:04 UTC (rev 15) @@ -1,6 +1,4 @@ TODO: ---Edit space.tpl after we have all of our functions done (add comment, send PM, add friend, etc) ---Accept friend request function ---Comment function +--Edit space.tpl after we have all of our functions done (send PM, etc) --PM function \ No newline at end of file Modified: trunk/includes/profile.php =================================================================== --- trunk/includes/profile.php 2007-03-18 00:29:04 UTC (rev 14) +++ trunk/includes/profile.php 2007-03-18 17:42:04 UTC (rev 15) 
@@ -284,5 +284,62 @@ thankyou("for adding this user as your friend. They will be added to your friends list when your request is accepted.", "return to your space", "space.php"); } + function request_list() + { + if(!(logged_in())) + { + redirect('?mode=login'); + } + $_query="SELECT * FROM " . DB_FRIENDS . " WHERE `to`='" . SESSION_ID . "' AND `approved` = '0'"; + $_query=$db->query($_query); + + $i=0; + while($friend=$db->array($_query)) + { + $from[$i]=$friend["from"]; + $from_username[$i]=get_username_by_id($from[$i]); + $i++; + } + $page =& new template('friend_list.tpl'); + $page->set('from', $from); + $page->set('username', $from_username); + + $outer =& new template('outer.tpl'); + $outer->set('content', $page); + } + function approve($id) + { + //First, make sure we are logged in + if(!logged_in()) + { + redirect("?mode=login"); + } + + $_query="UPDATE " . DB_FRIENDS . " SET `approved` = '1' WHERE `to`='" . SESSION_ID . + " AND `from`='" . $id . " AND `approved` = '0' LIMIT 1"; + $db->query($_query); + thankyou("for accepting this friend request.", "return to your space", "space.php", + "go to your new friends' space", "space.php?id=" . $id); + } + function comment($to) + { + //First, make sure they are our friend + if(!is_friend($to)) + { + redirect("?mode=friend_request&id=" . $to); + } + $page =& new template('comment.tpl'); + $page->set('to', $to); + $outer = & new template('outer.tpl'); + $outer->set('content', $page); + } + function comment_proccess($vars) + { + $_query="INSERT INTO " . DB_COMMENT . " VALUES('', '" . time() . "', '" . SESSION_ID . + "', '" . $vars["to"] . "', '" . $vars["comment"] . "');"; + $db->query($_query); + thankyou("for commenting", "return to your space", "space.php", + "return to your friends space", "space.php?id=" . 
$vars["to"]); + } } ?> \ No newline at end of file Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-03-18 00:29:04 UTC (rev 14) +++ trunk/profile.php 2007-03-18 17:42:04 UTC (rev 15) @@ -68,5 +68,17 @@ case 'friend_request': $profile->request($_GET["id"]); break; + case 'request_list': + $profile->request_list(); + break; + case 'approve': + $profile->approve($_GET["id"]); + break; + case 'comment': + $profile->comment($_GET["to"]); + break; + case 'comm_proc': + $profile->comment_proccess($_POST); + break; } ?> \ No newline at end of file Modified: trunk/space.php =================================================================== --- trunk/space.php 2007-03-18 00:29:04 UTC (rev 14) +++ trunk/space.php 2007-03-18 17:42:04 UTC (rev 15) @@ -124,22 +124,6 @@ $j++; } //Now we need to look up some permission stuff (ie, if a user is our friend) -if(login_check) //Why can't I remember the name of this function? -{ - //See if this is your space - if($id=SESSION_ID) - { - $space->set('owner', 1); - } - //Are you a friend? - foreach($friends_id as $friend) - { - if($friend == SESSION_ID) - { - $space->set('friend', 1); - } - } -} //Now it's time to assign some of our vars from up above $space->set('from_username', $comments_from_username); //Comment author $space->set('from_id', $comments_from); //Comment author ID @@ -158,6 +142,9 @@ //Friend? $friend= (is_friend($id)) ? '1' : '0'; +//Number of friend requests +$_query="SELECT `from` FROM " . DB_FRIENDS . " WHERE `approved`='0'"; +$space->set('friend_req', count($db->array($db->query($_query))); $space->set('me', $me); $space->set('friend', $friend); $space->set('level', SESSION_LEVEL); Added: trunk/styles/default/comment.tpl =================================================================== --- trunk/styles/default/comment.tpl (rev 0) +++ trunk/styles/default/comment.tpl 2007-03-18 17:42:04 UTC (rev 15) 
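Review bot: `comment_proccess()` inserts a comment without calling `logged_in()` or `is_friend()`, although `comment()` enforces the friend check before showing the form, so the restriction exists only in the UI; repeat both checks at the top of `comment_proccess()` before building the query. In `approve()` the value from `$_GET["id"]` is concatenated into the UPDATE, and both the `to` and `from` comparisons open a quote that is never closed, so cast the id with `(int)$id` and close the literals. `$vars["to"]` and `$vars["comment"]` need the same treatment (an integer cast and the driver's string escaping respectively), and the new methods call `$db->query()` without bringing `$db` into scope. `comment_proccess()` also writes to `DB_COMMENT`, while space.php reads `DB_COMMENTS`.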
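Review bot: The pending-request counter added to space.php filters only on `approved`, so it counts every user's pending requests rather than those addressed to the space owner, and `count($db->array(...))` counts the elements of one fetched row instead of the number of rows. Add the recipient to the WHERE clause, as `request_list()` does with its `to` = `SESSION_ID` condition, and count rows with `SELECT COUNT(*)`. The new `$space->set('friend_req', ...)` line is also missing one closing parenthesis.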
@@ -0,0 +1,4 @@ +<form action="?mode=comm_proc" method="post"> +<input type="hidden" name="to" value="<?php echo $to; ?>"> +Comment: <textarea name="comment" rows="6" cols="60"></textarea> +<br><input type="submit" value="Comment"></form> \ No newline at end of file Added: trunk/styles/default/friend_list.tpl =================================================================== --- trunk/styles/default/friend_list.tpl (rev 0) +++ trunk/styles/default/friend_list.tpl 2007-03-18 17:42:04 UTC (rev 15) @@ -0,0 +1,16 @@ +<table> + <tr> + <td>Username</td> + <td>Action</td> + </tr> + <?php + $i=0; + for($i, $i<count($username), $i++) + { + ?> + <tr> + <td><?php echo $username[$i]; ?></td> + <td><a href="?mode=approve&id=<?php echo $from; ?>">Approve</a></td> + </tr> + <?php } ?> +</table> \ No newline at end of file Modified: trunk/styles/default/space.tpl =================================================================== --- trunk/styles/default/space.tpl 2007-03-18 00:29:04 UTC (rev 14) +++ trunk/styles/default/space.tpl 2007-03-18 17:42:04 UTC (rev 15) 
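Review bot: In comment.tpl, `value="<?php echo $to; ?>"` prints a value that profile.php takes directly from `$_GET["to"]` and `comment()` passes through `$page->set('to', $to)` unchanged, so request data is reflected into the attribute unescaped. Cast it to an integer in `comment()` (`$page->set('to', (int)$to);`) or print it with `htmlspecialchars($to, ENT_QUOTES)`. The form has no per-session token, so `?mode=comm_proc` would accept a post originating from another site.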
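Review bot: The approve link in friend_list.tpl prints `<?php echo $from; ?>`, but `request_list()` sets `from` to an array, so every link carries the array's string form rather than the requester's id; it should be `<?php echo (int)$from[$i]; ?>`. The loop header `for($i, $i<count($username), $i++)` uses commas where `for` requires semicolons, and `$username[$i]` is printed without `htmlspecialchars()`. Approving a request is a state change triggered by a plain GET link, so it is better served by a POST form with a per-session token.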
@@ -1,10 +1,29 @@ <div id="left"> <?php echo $username; ?><br> "<?php echo $headline; ?>"<br> - <img src="uploads/<?php echo $id; ?>/<?php echo $icon; ?>"><br> - <?php if($level>0 && friend==0) { ?> - <a href="profile.php?mode=friend_request&id=<?php echo $id; ?>">Add as Friend</a> - <?php } ?> + <img src="uploads/<?php echo $id; ?>/<?php echo $icon; ?>"><br> + + <!-- BEGIN profile_functions --> + <!-- IF is_not_friend AND is_logged_in --> + <?php if($level>0 && friend==0) { ?> + <a href="profile.php?mode=friend_request&id=<?php echo $id; ?>">Add as Friend</a> + <?php } ?> + <!-- END IF --> + + <!-- IF is_friend --> + <?php if($friend == 1) { ?> + <a href="profile.php?action=comment&to=<?php echo $id; ?>">Add Comment</a><br> + <?php } ?> + <!-- END IF --> + + <!-- IF IS OWNER --> + <?php if($me == 1) { ?> + <a href="profile.php?mode=edit">Edit Profile/Space</a><br> + <a href="profile.php?mode=request_list">View Pending Friend Requests (<?php echo $friend_req; ?>)<br> + <?php } ?> + <!-- END IF --> + <!-- END profile_functions --> + <?php echo $space_left; ?> </div> <div id="right"> @@ -18,7 +37,10 @@ $nbsp;<?php echo $friend[$i]; ?>" /><br> <?php } ?> <!-- END friends --> - <!-- BEGIN comments --> + <!-- BEGIN comments --> + <?php if($friend == 1) { ?> + <a href="profile.php?action=comment&to=<?php echo $id; ?>">Add Comment</a><br> + <?php } ?> <table> <?php $i=0; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
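Review bot: The condition `if($level>0 && friend==0)` compares the bare word `friend` (a constant lookup) rather than the template variable, so it should be `$friend==0`. Both new "Add Comment" links, here and in the second space.tpl hunk, use `profile.php?action=comment&to=...`, while the other links and forms in this change address the dispatcher with `mode=` (`?mode=comm_proc`, `?mode=request_list`), so the parameter is probably meant to be `mode=comment`; the switch statement itself is outside the hunk. The "View Pending Friend Requests" anchor is never closed with `</a>`, and `$id` in the `href` values is echoed unescaped.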
From: <p3...@us...> - 2007-03-19 01:12:11
|
Revision: 10 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=10&view=rev Author: p3net Date: 2007-03-16 23:04:26 -0700 (Fri, 16 Mar 2007) Log Message: ----------- -Add a TODO so I can remember what to do -A few blank style pages Added Paths: ----------- trunk/TODO.txt trunk/styles/default/edit_profile.tpl trunk/styles/default/space.tpl Added: trunk/TODO.txt =================================================================== --- trunk/TODO.txt (rev 0) +++ trunk/TODO.txt 2007-03-17 06:04:26 UTC (rev 10) @@ -0,0 +1,4 @@ +TODO: + +--Make space.tpl (see space.php for the variables) +--Make edit_profile.tpl (see includes/profile.php for the variables) \ No newline at end of file Added: trunk/styles/default/edit_profile.tpl =================================================================== --- trunk/styles/default/edit_profile.tpl (rev 0) +++ trunk/styles/default/edit_profile.tpl 2007-03-17 06:04:26 UTC (rev 10) @@ -0,0 +1,8 @@ +<html> + <head> + <title></title> + <meta content=""> + <style></style> + </head> + <body></body> +</html> \ No newline at end of file Added: trunk/styles/default/space.tpl =================================================================== --- trunk/styles/default/space.tpl (rev 0) +++ trunk/styles/default/space.tpl 2007-03-17 06:04:26 UTC (rev 10) @@ -0,0 +1,8 @@ +<html> + <head> + <title></title> + <meta content=""> + <style></style> + </head> + <body></body> +</html> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <p3...@us...> - 2007-07-28 17:26:16
|
Revision: 18 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=18&view=rev Author: p3net Date: 2007-07-28 10:26:17 -0700 (Sat, 28 Jul 2007) Log Message: ----------- A bit of cleanup Modified Paths: -------------- trunk/blog.php trunk/functions/db.php trunk/functions/session.php trunk/functions/template.php trunk/gallery.php trunk/globals.php trunk/group.php trunk/images.php trunk/index.php trunk/profile.php trunk/viewspace.php Added Paths: ----------- trunk/install/install.php Property Changed: ---------------- trunk/blog.php trunk/config.php trunk/functions/db.php trunk/functions/session.php trunk/functions/template.php trunk/gallery.php trunk/globals.php trunk/group.php trunk/images.php trunk/index.php trunk/profile.php trunk/viewspace.php Modified: trunk/blog.php =================================================================== --- trunk/blog.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/blog.php 2007-07-28 17:26:17 UTC (rev 18) @@ -16,6 +16,6 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: blog.php 7 2007-07-27 20:05:38Z p3net.tech $ + @id: $Id$ *********************************************************/ ?> \ No newline at end of file Property changes on: trunk/blog.php ___________________________________________________________________ Name: svn:keywords + Id Property changes on: trunk/config.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/functions/db.php =================================================================== --- trunk/functions/db.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/functions/db.php 2007-07-28 17:26:17 UTC (rev 18) 
@@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: db.php 7 2007-07-27 20:05:38Z p3net.tech $ + @id: $Id$ *********************************************************/ $this =& new db; class db Property changes on: trunk/functions/db.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/functions/session.php =================================================================== --- trunk/functions/session.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/functions/session.php 2007-07-28 17:26:17 UTC (rev 18) @@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: session.php 8 2007-07-27 20:56:25Z p3net.tech $ + @id: $Id$ *********************************************************/ /******************************************************** The name here is a bit of a misnomer. The session class Property changes on: trunk/functions/session.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/functions/template.php =================================================================== --- trunk/functions/template.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/functions/template.php 2007-07-28 17:26:17 UTC (rev 18) 
@@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: template.php 7 2007-07-27 20:05:38Z p3net.tech $ + @id: $Id$ *********************************************************/ $this =& new template; class template Property changes on: trunk/functions/template.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/gallery.php =================================================================== --- trunk/gallery.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/gallery.php 2007-07-28 17:26:17 UTC (rev 18) @@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: gallery.php 8 2007-07-27 20:56:25Z p3net.tech $ + @id: $Id$ *********************************************************/ class gallery { Property changes on: trunk/gallery.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/globals.php =================================================================== --- trunk/globals.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/globals.php 2007-07-28 17:26:17 UTC (rev 18) @@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: globals.php 6 2007-07-27 19:03:49Z p3net.tech $ + @id: $Id$ *********************************************************/ /* Include our larger functions */ require_once('./functions/db.php'); Property changes on: trunk/globals.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/group.php =================================================================== --- trunk/group.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/group.php 2007-07-28 17:26:17 UTC (rev 18) 
@@ -16,6 +16,6 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: group.php 7 2007-07-27 20:05:38Z p3net.tech $ + @id: $Id$ *********************************************************/ ?> \ No newline at end of file Property changes on: trunk/group.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/images.php =================================================================== --- trunk/images.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/images.php 2007-07-28 17:26:17 UTC (rev 18) @@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: images.php 5 2007-07-26 23:43:48Z p3net.tech $ + @id: $Id$ *********************************************************/ include('globals.php'); class image Property changes on: trunk/images.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/index.php =================================================================== --- trunk/index.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/index.php 2007-07-28 17:26:17 UTC (rev 18) 
@@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: index.php 5 2007-07-26 23:43:48Z p3net.tech $ + @id: $Id$ *********************************************************/ include('globals.php'); /* 5 most recent users should be enough. We can fill the rest with ads or something */ Property changes on: trunk/index.php ___________________________________________________________________ Name: svn:keywords + Id Added: trunk/install/install.php =================================================================== Property changes on: trunk/install/install.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/profile.php 2007-07-28 17:26:17 UTC (rev 18) @@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: profile.php 8 2007-07-27 20:56:25Z p3net.tech $ + @id: $Id$ *********************************************************/ include('globals'); class profile Property changes on: trunk/profile.php ___________________________________________________________________ Name: svn:keywords + Id Modified: trunk/viewspace.php =================================================================== --- trunk/viewspace.php 2007-07-28 17:23:56 UTC (rev 17) +++ trunk/viewspace.php 2007-07-28 17:26:17 UTC (rev 18) 
@@ -16,7 +16,7 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - @id: $Id: viewspace.php 7 2007-07-27 20:05:38Z p3net.tech $ + @id: $Id$ *********************************************************/ /* Todo: If no id is set or id is yours, show you owner view instead Alternatively, actual view will be shown if &view=real is appended*/ Property changes on: trunk/viewspace.php ___________________________________________________________________ Name: svn:keywords + Id This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <p3...@us...> - 2007-07-28 17:23:55
|
Revision: 17 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=17&view=rev Author: p3net Date: 2007-07-28 10:23:56 -0700 (Sat, 28 Jul 2007) Log Message: ----------- Say hello to the new codebase! :D Added Paths: ----------- trunk/blog.php trunk/config.php trunk/develop/ trunk/develop/schema.sql trunk/functions/ trunk/functions/db.php trunk/functions/session.php trunk/functions/template.php trunk/gallery.php trunk/globals.php trunk/group.php trunk/images.php trunk/index.php trunk/install/ trunk/logs/ trunk/logs/errors.txt trunk/profile.php trunk/template/ trunk/template/drill.tpl trunk/template/forms/ trunk/template/forms/gallery_comment.tpl trunk/template/forms/login.tpl trunk/template/forms/register.tpl trunk/template/forms/upload_pic.tpl trunk/template/gallery.tpl trunk/template/home.tpl trunk/template/inbox.tpl trunk/template/messages/ trunk/template/messages/error.tpl trunk/template/messages/thank.tpl trunk/template/outer.tpl trunk/template/read.tpl trunk/template/send.tpl trunk/viewspace.php Added: trunk/blog.php =================================================================== --- trunk/blog.php (rev 0) +++ trunk/blog.php 2007-07-28 17:23:56 UTC (rev 17) 
@@ -0,0 +1,21 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: blog.php 7 2007-07-27 20:05:38Z p3net.tech $ +*********************************************************/ +?> \ No newline at end of file Added: trunk/config.php =================================================================== --- trunk/config.php (rev 0) +++ trunk/config.php 2007-07-28 17:23:56 UTC (rev 17) @@ -0,0 +1,8 @@ +<?php +$db_info = array( + 'user' => '', + 'pass' => '', + 'host' => '', + 'name' => '' + ); +?> \ No newline at end of file Added: trunk/develop/schema.sql =================================================================== --- trunk/develop/schema.sql (rev 0) +++ trunk/develop/schema.sql 2007-07-28 17:23:56 UTC (rev 17) 
@@ -0,0 +1,109 @@ +CREATE TABLE `users` ( + `id` int(11) NOT NULL auto_increment, + `display_name` text NOT NULL, + `password` varchar(40) NOT NULL, + `join` date NOT NULL, + `last_login` date, + `time_offset` tinyint(2) NOT NULL, + `blurb` text NOT NULL, + `email` varchar(30) NOT NULL, + `aim` varchar(20), + `yim` varchar(20), + `jabber` varchar(20), + `irc` varchar(20), + `icq` varchar(20), + `live` varchar(20), + `user_image` int(11), + `clean_url` text, + `privacy` tinyint(1) NOT NULL default '0' + PRIMARY KEY(`id`) +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `images` ( + `id` int(11) NOT NULL auto_increment, + `owner` int(11) NOT NULL, + `content` MEDIUMBLOB NOT NULL, + `mime_type` varchar(15) NOT NULL, + `desc` text NOT NULL, + `width` int(4) NOT NULL, + `height` int(4) NOT NULL, + `name` text NOT NULL, + `views` int(6) NOT NULL + PRIMARY KEY(`id`) +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `images_comments` ( + `id` int(11) NOT NULL auto_increment, + `image` int(11) NOT NULL, + `time` date NOT NULL, + `author` int(11) NOT NULL, + `comment` text NOT NULL + PRIMARY KEY(`id`) +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `blog` ( + `id` int(11) NOT NULL auto_increment, + `title` text NOT NULL, + `date` date NOT NULL, + `content` text NOT NULL, + `author` int(11) NOT NULL, + PRIMARY KEY(`id`) +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `blog_comments` ( + `id` int(11) NOT NULL auto_increment, + `author` int(11) NOT NULL, + `body` text NOT NULL, + `time` date NOT NULL + PRIMARY KEY(`id`) +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `friends` ( + `party_1` int(11) NOT NULL, + `party_2` int(11) NOT NULL, + `accepted` int(1) NOT NULL, +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `actions` ( + `time` date NOT NULL, + `who` int(11) NOT NULL, + `action` int(2) NOT NULL, + `for` int(11), +) + +CREATE TABLE `groups` ( + `id` int(11) NOT NULL auto_increment, + `name` text NOT NULL, + `founder` int(11) NOT NULL, + `members` text NOT 
NULL, + `create_date` date NOT NULL + PRIMARY KEY(`id`) +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `comments` ( + `id` int(11) NOT NULL auto_increment, + `time` date NOT NULL, + `from` int(11) NOT NULL, + `to` int(11) NOT NULL, + `body` int(11) NOT NULL + PRIMARY KEY(`id`) +) TYPE=MyISAM AUTO_INCREMENT = 1; + +CREATE TABLE `sessions` ( + `id` int(35) NOT NULL, + `user_id` int(11) NOT NULL, + `ip` varchar(12) NOT NULL, + `last_update` date NOT NULL + PRIMARY KEY(`id`) +) TYPE=MyISAM; + +CREATE TABLE `private_messages` ( + `id` int(11) NOT NULL auto_increment, + `to` int(11) NOT NULL, + `from` int(11) NOT NULL, + `date` time() NOT NULL, + `subject` text NOT NULL, + `message text NOT NULL, + `read` int(1) NOT NULL default 0 + PRIMARY KEY(`id) +) TYPE=MyISAM AUTO_INCREMENT = 1; \ No newline at end of file Added: trunk/functions/db.php =================================================================== --- trunk/functions/db.php (rev 0) +++ trunk/functions/db.php 2007-07-28 17:23:56 UTC (rev 17) 
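Review bot: `sessions.id` is declared `int(35)` and `sessions.ip` `varchar(12)`, but session.php in this commit stores an `md5()` hex string as the id and the client address as the ip, so the id would be coerced or rejected depending on the SQL mode and a dotted IPv4 address of up to 15 characters would not fit; either breaks the session lookup. Declare the id as `char(32) NOT NULL` and widen the ip column (`varchar(45)` also fits IPv6 text). Several statements are not valid DDL as written: the column before `PRIMARY KEY` lacks a trailing comma in `users`, `images`, `images_comments`, `blog_comments`, `groups`, `comments`, `sessions` and `private_messages`; `friends` and `actions` end with a dangling comma; `actions` has no terminating semicolon; `private_messages` has unbalanced backticks and `time()` as a column type; and `comments.body` is `int(11)` for text. `users.password varchar(40)` is sized for a bare hex digest, whereas a salted password hash needs more room (255 is the usual choice).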
@@ -0,0 +1,59 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: db.php 7 2007-07-27 20:05:38Z p3net.tech $ +*********************************************************/ +$this =& new db; +class db +{ + function db() + { + require_once('./../config.php'); + + $db = mysql_connect($db_info['host'], $db_info['user'], $db_info['pass']); + if(!$db) + { + $error->general('Could not Connect to Database', mysql_error()); + } + else + { + if(!mysql_select_db($db_info['name'])) + { + $error->general('Could not Select Database', mysql_error()); + } + } + } + function query($query) + { + $query = mysql_query($query) + if(!$query) + { + $error->general('Could not query database', mysql_error()); + } + return $query; + } + function fetch_array($query) + { + $query = mysql_fetch_array($query); + if(!$query) + { + $error$db->general('Could not fetch array from database', mysql_error()); + } + return $query; +} +?> \ No newline at end of file Added: trunk/functions/session.php =================================================================== --- trunk/functions/session.php (rev 0) +++ trunk/functions/session.php 2007-07-28 17:23:56 UTC (rev 17) 
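Review bot: Each method in db.php reports failures through `$error->general(...)`, but `$error` is never brought into scope inside the class, and the constructor keeps the connection in a local `$db` that is discarded when it returns. `fetch_array()` treats the `false` that `mysql_fetch_array()` returns at the end of a result set as an error, so any `while` loop over rows would finish with an error report; return the value and let callers test it. The file does not parse as written: `$this =& new db;` assigns to `$this` outside a class, `mysql_query($query)` lacks its semicolon, `$error$db->general` is two variables run together, and the class's closing brace is missing. Passing `mysql_error()` to the error handler is fine for a log, but that text should not be shown to visitors.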
@@ -0,0 +1,280 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: session.php 8 2007-07-27 20:56:25Z p3net.tech $ +*********************************************************/ +/******************************************************** +The name here is a bit of a misnomer. The session class +handles all user-interaction related processes -- both +interaction between user and server and interaction +between user and user +**********************************************************/ +class session +{ + function create() + { + /* We don't have a session and aren't logged in. Let's create it */ + $id = md5(time() . rand(1,1000)); + /* Check to make sure it's unique */ + $_query="INSERT INTO `sessions` VALUES('" . $id . "', '-1', '" . $REMOTE_ADDR . "', '" . time() . "')"; + $db->query($_query); + $_COOKIE["session_id"] = $id; + } + function check() + { + /* We need to check if a session exists by looking for the session cookie. If that's not there, + then we return false (since the user isn't logged in). We also match the IP */ + $ip = $REMOTE_ADDR; + $_query = "SELECT * FROM `sessions` WHERE `ip` = '" . $ip . 
"'"; + $res = $db->query($_query); + if(mysql_num_rows($res) == 0) + { + $session->create(); + } + else + { + /* Get an array of our session info */ + $res = $db->fetch_array($res); + if($res['id'] != $_COOKIE["session_id"]) + { + $session->create(); + } + else + { + foreach($res as $key => $value) + { + $user->data[$key] = $value; + } + /* Update our updated time */ + $_query="UPDATE `sessions` SET `last_update` = '" . time() . "' WHERE `id` = '" . $user->data['id'] . "' LIMIT 1"; + $db->query($_query); + } + } + /* We also need to get rid of users who haven't done anything in the last half-hour */ + $_query = "DELETE * FROM `sessions` WHERE `last_update` < " . (time() - (60*30)); + $db->query($_query); + } + function logged_in() + { + if($user->data['id'] != "-1") + { + return true; + } + else + { + return false; + } + } + function login($user_id) + { + $session->check(); + if($session->logged_in()) + { + /* Wait - what? */ + $error->general("Already logged in", "Session already populated"); + } + else + { + $_query = "UPDATE `sessions` SET `user_id` = '" . $user_id . "' WHERE `id` = '" . $_COOKIE["session_id"] . " LIMIT 1"; + $db->query($_query); + /* Run the session check again. It'll make the row and populate $user->data */ + $session->check(); + } + } + function logout() + { + if($session->logged_in()) + { + $_query = "UPDATE `sessions` SET `user_id` = '-1' WHERE `id` = '" . $user->data['id'] . "' AND `ip` = '" . $user->data['ip'] . "' LIMIT 1"; + $db->query($_query); + $user->data = null; + } + else + { + $error->general('Not logged in', 'User ID = -1'); + } + } + function is_friend($id) + { + if(!$user->logged_in()) + { + return false; + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_1` = '" . $user->data['user_id'] . "' AND AND `party_2`='" . $id . "' AND `accepted`='1'"; + $_query = $db->query($_query); + if(mysql_num_rows($_query) > 0) + { + return true; + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_2` = '" . 
$user->data['user_id'] . "' AND `party_1`='" . $id . "' AND `accepted`='1'"; + $_query = $db->query($_query); + if(mysql_num_rows($_query) > 0) + { + return true; + } + else + { + return false; + } + } + } + } + function action($action, $who="") + { + /*List of actions: + 1. Updated Space + 2. Left you a comment + 3. Left a comment on one of your pictures + 4. Uploaded a picture + 5. Added you as a friend + 6. New blog post + 7. Left you a comment on a blog post + 8. Joined a group + 9. Created a group */ + $_query="INSERT INTO `actions` VALUES('" . time() . "', '" . $user->data['user_id'] . "', '" . $action . "', '" . $who . "')"; + $db->query($_query); + return true; + } + function add_friend($id) + { + if(!$user->logged_in()) + { + $error->general("Not logged in", "Add as friend"); + } + else + { + if($user->is_friend($id)) + { + $error->general("Already friend", "Add as friend"); + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_1`='" . $user->data['user_id'] . " AND `party_2`='" . $id . "'"; + $_query=$db->query($_query); + if(mysql_num_rows($_query) > 0) + { + $error->general("Already added as friend, awaiting acception", "Add as friend"); + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_2`='" . $user->data['user_id'] . " AND `party_1`='" . $id . "'"; + $_query=$db->query($_query); + if(mysql_num_rows($_query) > 0) + { + $error->general("User has already added you as a friend. Accept them in your friend control panel.", "Add as friend"); + } + else + { + $_query="INSERT INTO `friends` VALUES('" . $user->data['user_id'] . "', '" . $id . "', '0'"; + $db->query($_query); + $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)"); + } + } + } + } + } + function accept_friend($id) + { + $_query="UPDATE `friends` SET `accepted`='1' WHERE `party_2`='" . $data->user['user_id'] . "' AND `party_1='" . $id . 
"' LIMIT 1"; + $db->query($_query); + $user->action(5, $id); + } + function can_view($id) + { + /*We're simply checking whether or not we have the permissions to view this space */ + /*First we need to figure out what the space privacy setting is*/ + $_query="SELECT `privacy` FROM `users` WHERE `id`='" . $id . "' LIMIT 1"; + $_query=$db->query($_query); + $_query=$db->fetch_array($_query); + $res=$_query['privacy']; + if($res == '0') + { + /*All users can view this space*/ + return true; + } + else + { + /*We need to check if we're they're friend*/ + if($session->is_friend($id)) + { + return true; + } + else + { + return false; + } + } + } + function add_comment($id) + { + if($session->is_friend($id)) + { + /*Okay, we have permission to leave this comment*/ + foreach($_POST as $key => $value) + { + $var[$key] = mysql_real_escape_string($value); + } + $_query="INSERT INTO `comments` VALUES('', '" . time() . "', '" . $user->data['user_id'] . "', '" . $id . "', '" . $var['body'] . + "'"; + $db->query($_query); + $session->action('2', $id); + } + } + function get_username($id) + { + $_query="SELECT `display_name` FROM `users` WHERE `id`='" . $id . "'"; + $_query=$db->query($_query); + $res=$db->fetch_array($_query); + return $res['display_name']; + } + function add_image_comment($id) + { + $owner = "SELECT `owner` FROM `images` WHERE `id`='" . $id . "'"; + $owner = $db->query($owner); + $owner = $db->fetch_array($owner); + $owner = $owner['owner']; + if($session->is_friend($owner) + { + foreach($_POST as $key => value) + { + $var[$key] = mysql_real_escape_string($value); + } + $_query="INSERT INTO `image_comments` VALUES('', '" . $id . "', '" . time() . "', '" . $user->data['user_id'] . "', '" . $var['comment'] . "'"; + $db->query($_query); + } + } + function generate_timestamp($time) + { + if($session->logged_in()) + { + $_query="SELECT `time_offset` FROM `users` WHERE `id`='" . $user->data['user_id'] . 
"'"; + $_query=$db->query($_query); + $_query=$db->fetch_array($_query); + $offset=$_query['time_offset']; + + $diff = $offset * 60 * 60; + } + $time = $time + $diff; + return date('m/d/Y G:i:s', $time); + } +} +?> \ No newline at end of file Added: trunk/functions/template.php =================================================================== --- trunk/functions/template.php (rev 0) +++ trunk/functions/template.php 2007-07-28 17:23:56 UTC (rev 17) 
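Review bot: `create()` builds the session id from `md5(time() . rand(1,1000))`, which is guessable from the creation time, and `login()` then concatenates `$_COOKIE["session_id"]` into its UPDATE without escaping (that statement is also missing the closing quote after the cookie value). The id should come from a CSPRNG, e.g. `$id = bin2hex(random_bytes(16));` on a current PHP, and the cookie value should go through `mysql_real_escape_string()` the way `add_comment()` already treats `$_POST`. Assigning `$_COOKIE["session_id"] = $id` only changes the array for the current request; the browser never receives the id unless `setcookie()` is called. `check()` selects the session row by `ip` alone before comparing the cookie, so clients sharing an address would keep replacing each other's session, and `$REMOTE_ADDR`, `$db`, `$user`, `$session` and `$error` are all used without being in method scope.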
@@ -0,0 +1,50 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: template.php 7 2007-07-27 20:05:38Z p3net.tech $ +*********************************************************/ +$this =& new template; +class template +{ + function template($file=null) + { + $this->$file = $file; + } + function set($name, $value) + { + $this->vars[$name] = is_object($value) ? $value->fetch() : $value; + } + function fetch($file = null) + { + if(!$file) $file = $this->file; + + extract($this->vars); + ob_start(); + include('../template/' . $file); + $contents = ob_get_contents(); + ob_end_clean(); + return $contents; + } + function parse($content) + { + $head =& new template('outer.tpl'); + $head->set('title', $title); + $head->set('content', $content); + } +} +?> \ No newline at end of file Added: trunk/gallery.php =================================================================== --- trunk/gallery.php (rev 0) +++ trunk/gallery.php 2007-07-28 17:23:56 UTC (rev 17) 
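Review bot: The constructor writes `$this->$file = $file;`, a variable-variable that creates a property named after the template path and leaves `$this->file` unset, so `fetch()` with no argument would include `'../template/'` with an empty name; it should be `$this->file = $file;`. `fetch()` calls `extract($this->vars)` immediately before the `include`, so a template variable named `file` would overwrite the local that decides which file is included; `extract($this->vars, EXTR_SKIP);` keeps existing locals intact. `parse()` reads an undefined `$title` and drops `$head` without fetching it, and the top-level `$this =& new template;` is not valid outside a method.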
@@ -0,0 +1,115 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: gallery.php 8 2007-07-27 20:56:25Z p3net.tech $ +*********************************************************/ +class gallery +{ + function view($id) + { + if($id == 0) + { + $error->general('Must be logged in!', 'Tried to access gallery as owner while unauthenticated'); + } + else + { + if($session->is_friend($id)) + { + $_query="SELECT `id` FROM `images` WHERE `owner`='" . $id . "'"; + $_query=$db->query($_query); + $_query=$db->fetch_array($_query); + $gallery =& new template('gallery.tpl'); + $gallery->set('gallery', $_query); + } + } + } + function drill($img_id, $owner) + { + if(empty($img_id)) + { + $error->general('An image must be specified', 'Tried to access drill without specifying image id'); + } + else + { + if($session->is_friend($owner)) + { + $_query = "SELECT * FROM `images` WHERE `id`='" . $img_id . "'"; + $img = $db->query($_query); + + $_query = "SELECT * FROM `images_comments` WHERE `image`='" . $img_id . 
"'"; + $img_com = $db->query($_query); + + foreach($db->fetch_array($img_com) as $key => value) + { + foreach($value as $key_name => $key_value) + { + if($key_value == 'author') + { + $key_value = $session->get_username($key_value); + } + $com[$key_name] = $key_value; + } + } + $img=$db->fetch_array($img); + if(isset($user->data['user_id'] && $user->data['user_id'] != $img['owner']) + { + $img['views']++; + $_query="UPDATE `images` SET `views`='" . $views . "' WHERE `id`='" . $img_id . "'"; + $db->query($_query); + } + $drill =& new template('drill.tpl'); + $drill->set('id', $img_id); + $drill->set('comments', $com); + $drill->set('views', $img['views']); + $drill->set('desc', $img['desc']); + $drill->set('name', $img['name']); + } + } + } + function comment($id, $owner) + { + if($session->is_friend($owner)) + { + $form =& new template('forms/gallery_comment.tpl'); + } + } + function comment_process() + { + $img_id=$_POST["id"]; + $session->add_image_comment($img_id); + } +} +$gallery =& new gallery; +$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"]; +$id = empty($_GET["id"]) ? ($session->logged_in() ? $user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]); +switch $mode +{ + case 'view': + $gallery->view($id); + break; + case 'drill': + $gallery->drill(mysql_real_escape_string($_GET["img"]), $id); + break; + case 'comment': + $gallery->comment($id, $owner_id); + break; + case 'process': + $gallery->comment_process(); + break; +} +?> \ No newline at end of file Added: trunk/globals.php =================================================================== --- trunk/globals.php (rev 0) +++ trunk/globals.php 2007-07-28 17:23:56 UTC (rev 17) 
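Review bot: `comment_process()` passes `$_POST["id"]` straight to `$session->add_image_comment()`, which in session.php concatenates it into its `images` lookup and its INSERT without escaping, while the `view` and `drill` paths do escape their ids; the line should be `$img_id = mysql_real_escape_string($_POST["id"]);` or an integer cast. In `drill()` the view counter UPDATE uses `$views`, which is never defined, so it would write an empty value instead of `$img['views']`, and the `comment` case passes an undefined `$owner_id` to the friend check. The file also will not parse as written: `=> value` lacks its `$`, `isset($user->data['user_id'] &&` is missing a parenthesis, and `switch $mode` needs parentheses.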
@@ -0,0 +1,63 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: globals.php 6 2007-07-27 19:03:49Z p3net.tech $ +*********************************************************/ +/* Include our larger functions */ +require_once('./functions/db.php'); +require_once('./functions/template.php'); +require_once('./session.php'); + +/*The smaller ones*/ +class error +{ + function general($err, $verbose) + { + $error =& new template('messages/error.tpl'); + $error->set('err', $err); + $handle = fopen('logs/errors.txt', 'w'); + if($handle) + { + $entry = "[" . date('d M Y H:i:s') . "][" . $REMOTE_ADDR . "] " . $err . " - " . 
$verbose; + if(!fwrite($handle, $entry)) + { + continue(); + } + } + fclose($handle); + exit(); + } +} +function message +{ + function thank($message, $go1, $res1, $go2="", $res2="") + { + $message =& new template('message/thank.tpl'); + $message->set('go1', $go1); + $message->set('go2', $go2); + $message->set('res1', $res1); + $message->set('res2', $res2); + $message->set('message', $message); + } +} +$error =& new error; +$db =& new db; +$template =& new template; +$user =& new session(); +$message =& new message(); +?> \ No newline at end of file Added: trunk/group.php =================================================================== --- trunk/group.php (rev 0) +++ trunk/group.php 2007-07-28 17:23:56 UTC (rev 17) @@ -0,0 +1,21 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: group.php 7 2007-07-27 20:05:38Z p3net.tech $ +*********************************************************/ +?> \ No newline at end of file Added: trunk/images.php =================================================================== --- trunk/images.php (rev 0) +++ trunk/images.php 2007-07-28 17:23:56 UTC (rev 17) 
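Review bot: `error::general()` opens `logs/errors.txt` with mode `'w'`, which truncates the file on every call, so only the latest error survives and earlier entries an investigation would need are lost; `fopen('logs/errors.txt', 'a')` plus a trailing `"\n"` on `$entry` keeps a history. `$REMOTE_ADDR` is not defined inside the method, so the address field would be empty; `$_SERVER['REMOTE_ADDR']` is the reliable source. The log path sits next to the scripts under trunk/, so if that directory is web-served the file should be moved or denied by the server (this cannot be confirmed from the page). `continue();` outside a loop and `function message { ... }` (presumably meant as `class message`) will not parse, and `fclose($handle)` runs even when `fopen()` failed.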
@@ -0,0 +1,110 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: images.php 5 2007-07-26 23:43:48Z p3net.tech $ +*********************************************************/ +include('globals.php'); +class image +{ + function full($id) + { + $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; + if(empty($id)) + { + $error->general("Invalid ID specified", "Not an (int)"); + } + $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'"; + $img=$db->fetch_array($db->query($_query)); + + header('Content-type: ' . $img['mine_type']); + header('Content-Disposition: attachment; filename=' . $img['name']); + echo $img['content']; + } + function thumb($id) + { + $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; + if(empty($id)) + { + $error->general("Invalid ID specified", "Not an (int)"); + } + $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'"; + $img=$db->fetch_array($db->query($_query)); + + /* We're going to resize the larger dimension to 150px */ + if($img['width'] > $img['height']) + { + $scale_percentage = $img['width'] / 150; + } + else + { + $scale_percentage = $img['height'] / 150; + } + $new_dimensions = array( + 'width' => ($scale_percentage < 1) ? 
$img['width'] * $scale_percentage : $img['width'], + 'height' => ($scale_percentage < 1) ? $img['height'] * $scale_percentage : $img['height'] + ); + header('Content-type: ' . $img['mine_type']); + header('Content-Disposition: attachment; filename=' . $img['name']); + + $type = explode("/", $img['mine_type']); + $type = $type[1]; + switch $type + { + case 'jpeg': + $new_image = imagecreatefromjpeg($img['content']); + break; + case 'png': + $new_image = imagecreatefrompng($img['content']); + break; + case 'gif': + $new_image = imagecreatefromgif($img['content']); + break; + } + $res = imagecreatetruecolor($new_dimensions['width'], $new_dimensions['height']); + imagecopyresized($res, $new_image, 0, 0, 0, 0, $new_dimensions['width'], $new_dimensions['height'], $img['width'], $img['height']); + + switch $type + { + case 'jpeg': + imagejpeg($res); + break; + case 'png': + imagepng($res); + break; + case 'gif': + imagegif($res); + break; + } + } +} + +$this =& new image; + +/* Actually handle the data here */ +$mode=$_GET["mode"]; +switch $mode +{ + case 'view': + $this->full(); + break; + + case 'thumb': + $this->thumb(); + break; +} +?> \ No newline at end of file Added: trunk/index.php =================================================================== --- trunk/index.php (rev 0) +++ trunk/index.php 2007-07-28 17:23:56 UTC (rev 17) 
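Review bot: `full()` and `thumb()` return the image for any numeric `id` without the `$session->is_friend()` check that gallery.php applies before listing or showing an owner's images, so that gate does not cover direct requests to images.php; after loading `$img`, a check such as `if(!$session->is_friend($img['owner'])) { $error->general('Not permitted', 'Image access denied'); }` is needed, with a separate branch for the owner. Both methods copy `$img['mine_type']` and `$img['name']` into response headers, and profile.php fills those from the client-supplied `$_FILES['pic']['type']` and `['name']`; the content type should be picked from a fixed list and the filename stripped of quotes and line breaks before it reaches `header()`. In `thumb()`, `imagecreatefromjpeg()` and its siblings expect a path rather than the blob in `$img['content']`, for which `imagecreatefromstring($img['content'])` fits, and `$scale_percentage` is computed as the inverse of a scale factor (`150 / $img['width']` is what the later `< 1` test assumes).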
@@ -0,0 +1,34 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: index.php 5 2007-07-26 23:43:48Z p3net.tech $ +*********************************************************/ +include('globals.php'); +/* 5 most recent users should be enough. We can fill the rest with ads or something */ +$_query = "SELECT `id`, `display_name`, `user_image` FROM `users` SORT BY `id` DESC LIMIT 5"; +$res = ($db->query($_query); +while($user = $db->fetch_array($_query)) +{ + $userdetail[$user['display_name']] = array( + 'id' => $user['id'], + `icon` => $user['user_image'] + ); +} +$index =& new template('home.tpl'); +$index->set('userdetail', $userdetail); +?> \ No newline at end of file Added: trunk/logs/errors.txt =================================================================== Added: trunk/profile.php =================================================================== --- trunk/profile.php (rev 0) +++ trunk/profile.php 2007-07-28 17:23:56 UTC (rev 17) 
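Review bot: The array key in the loop is written with backticks, `` `icon` => $user['user_image'] ``, and in PHP backticks are the shell execution operator, so this line would run a command named `icon` and use its output as the key; it should be `'icon' => $user['user_image']`. home.tpl reads `$value['user_image']`, so the key and the template also need to agree. The query uses `SORT BY` where MySQL expects `ORDER BY`, `$res = ($db->query($_query);` has an unbalanced parenthesis, and the loop passes the SQL string `$_query` to `fetch_array()` instead of `$res`. The loop variable `$user` also overwrites the session object that globals.php assigns to `$user`.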
@@ -0,0 +1,190 @@ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id: profile.php 8 2007-07-27 20:56:25Z p3net.tech $ +*********************************************************/ +include('globals'); +class profile +{ + function register() + { + $step = empty($_GET["step"]) ? '1' : $_GET["step"]; + if($step == 1) + { + $form =& new template('forms/register.tpl'); + } + else if($step == 2) + { + foreach($_POST as $key => $value) + { + $vars[$key] = mysql_real_escape_string($value); + } + $_query = "INSERT INTO users (`id`, `display_name`, `password`, `join`, `time_offset` VALUES('', '" . $vars["display_name"] . "', '" . + md5($vars["password"] . "', '" . time() . "', '" . $vars["offset"] . "')"; + $db->query($_query); + $message->thank('for registering.', 'to proceed to the login page.', 'profile.php?mode=login'); + } + } + function edit() + { + /* I'm too lazy to code this so we'll do it later */ + } + function delete() + { + /* Need to work everything else out first */ + } + function pics() + { + if(!($user->logged_in())) + { + $error->general("Not logged in", "Pics upload"); + } + $step = empty($_GET["step"]) ? 
'1' : $_GET["step"]; + if($step == 1) + { + $form =& new template('forms/upload_pic.tpl'); + } + else + { + if($_FILES['pic']['size'] < 1) + { + $error->general("No image uploaded", "File size = 0"); + } + $file_name = $_FILES['pic']['name']; + $tmp_name = $_FILES['pic']['tmp_name']; + $file_size = $_FILES['pic']['size']; + $file_type = $_FILES['pic']['type']; + + list($width, $height) = getimagesize($tmp_name) or $general->error("Could not upload", "Not an image"); + + $fp = fopen($tmp_name, 'r'); + $content = fread($fp, filesize($tmp_name)); + $content = addslashes($content); + fclose($fp); + + $_query="INSERT INTO `images` VALUES('', '" . $user->data["user_id"] . "', '" . $content . "', '" . $file_type . "', ''" + . mysql_real_escape_string(htmlspecialchars($_POST["desc"])) "', '" . $width . "', '" . $height . ",'" . $file_name . "', '0');"; + $db->query($_query); + + $user->action(4, ''); + $message->thank('for uploading an image', 'go back to the previous page', 'javascript:history.go(\'-2\')'); + } + } + function login() + { + $step = empty($_GET["step"]) ? '1' : $_GET["step"]; + if($step == 1) + { + $form =& new template('forms/login.tpl'); + } + else + { + foreach($_POST as $key => $value) + { + $var[$key] = mysql_real_escape_string(htmlspecialchars($value)); + } + $_query = "SELECT `id` FROM `users` WHERE `email` = '" . $var['email'] . "' AND `password` = '" . md5($var['password']) . 
"'"; + $_query = $db->query($_query); + $num = mysql_num_rows($_query); + if($num > 0) + { + $id = $db->fetch_array($_query); + $session->login($id['id']); + $message->thank('logging in', 'to return to the index', 'index.php'); + } + else + { + $error->general('Incorrect Details', print_r($var)); + } + } + } + function inbox() + { + $_query="SELECT `id`, `from`, `date`, `subject`, `read` FROM `private_messages` ORDER BY `id` DESC"; + $_query=$db->query($_query); + $i=0; + while($temp=$db->fetch_array($_query)) + { + $pm[$i] = array( + 'id' => $temp['id'], + 'from' => $session->get_username($temp['from']), + 'date' => $session->generate_timestamp($temp['date']), + 'subject' => $temp['subject'], + 'read' => $temp['read'] + ); + $i++; + } + $template =& new template('inbox.tpl'); + $template->set('pm', $pm); + } + function message(mysql_real_escape_string($id)) + { + $_query="SELECT * FROM `private_messages` WHERE `id`='" . $id . "'"; + $_query=$db->query($_query); + $arr=$db->fetch_array($_query); + $read =& new template('read.tpl'); + $read->set('from', $session->get_username($arr["from"])); + $read->set('date', $session->generate_timestamp($arr["date"])); + $read->set('subject', $arr["subject"]); + $read->set('message', $arr["message"]); + if($arr["read"] != '1') + { + $_query="UPDATE `private_messages` SET `read`='1' WHERE `id`='" . $id . 
"'"; + $db->query($_query); + } + } + function send() + { + $template =& new template('send.tpl'); + } + function send_process() + { + } +} +$profile =& new profile; +switch $_GET["mode"] +{ + case 'register': + $profile->register(); + break; + case 'edit': + $profile->edit(); + break; + case 'delete': + $profile->delete(); + break; + case 'pics': + $profile->pics(); + break; + case 'login': + $profile->login(); + break; + case 'inbox': + $profile->inbox(); + break; + case 'message': + $profile->message($_GET["id"]); + break; + case 'send': + $profile->send(); + break; + case 'send_process': + $profile->send_process(); + break; +} +?> \ No newline at end of file Added: trunk/template/drill.tpl =================================================================== Added: trunk/template/forms/gallery_comment.tpl =================================================================== Added: trunk/template/forms/login.tpl =================================================================== --- trunk/template/forms/login.tpl (rev 0) +++ trunk/template/forms/login.tpl 2007-07-28 17:23:56 UTC (rev 17) @@ -0,0 +1,4 @@ +<form action="profile.php?mode=login&step=2" method="post"> +Email Address: <input type="text" name="email"> <br /> +Password: <input type="password" name="password"><br /> +</form> \ No newline at end of file Added: trunk/template/forms/register.tpl =================================================================== Added: trunk/template/forms/upload_pic.tpl =================================================================== --- trunk/template/forms/upload_pic.tpl (rev 0) +++ trunk/template/forms/upload_pic.tpl 2007-07-28 17:23:56 UTC (rev 17) 
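Review bot: `inbox()` selects from `private_messages` with no recipient condition and `message()` looks a message up by `id` alone, and neither checks `logged_in()`, so any visitor would be shown other users' messages; both queries need the recipient in the WHERE clause, e.g. `` WHERE `to`='" . $user->data['user_id'] . "' `` in `inbox()` and the same condition added with `AND` in `message()`, after a login check. In `pics()`, `$file_name` and `$file_type` come from `$_FILES` and are concatenated into the INSERT unescaped, and the blob goes through `addslashes()` rather than `mysql_real_escape_string()`. `register()` and `login()` hash passwords with unsalted `md5()`, and the failed-login path calls `print_r($var)`, which prints the submitted password into the response and hands `true` to the logger; `password_hash()`/`password_verify()` on a current PHP and a fixed log string would replace these. `function message(mysql_real_escape_string($id))` is not a valid signature, so the escaping has to move into the body.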
@@ -0,0 +1,4 @@ +<form action="profile.php?mode=pics&step=2" method="post"> +Picture: <input type="file" name="pic"><input type="hidden" name="MAX_FILE_SIZE" value="2000000"><br /> +Description: <textarea rows="4" cols="60" name="desc"></textarea><br /> +</form> \ No newline at end of file Added: trunk/template/gallery.tpl =================================================================== Added: trunk/template/home.tpl =================================================================== --- trunk/template/home.tpl (rev 0) +++ trunk/template/home.tpl 2007-07-28 17:23:56 UTC (rev 17) @@ -0,0 +1,7 @@ +<!-- New Members --> +<?php +foreach($userdetail as $key => $value) +{ + echo "<img src=\"images.php?mode=thumb&id=" . $value['user_image'] . "\" /><br /><a href=\"&id=" . $value['id'] . "\">" . $key . "</a>"; +} +?> \ No newline at end of file Added: trunk/template/inbox.tpl =================================================================== Added: trunk/template/messages/error.tpl =================================================================== --- trunk/template/messages/error.tpl (rev 0) +++ trunk/template/messages/error.tpl 2007-07-28 17:23:56 UTC (rev 17) @@ -0,0 +1,2 @@ +<b>General Error</b> - <?php echo $err; ?><br /><br /> +This error and debugging information has been written to the error log. If it continues, please <a href="mailto:">contact the administrator</a>. \ No newline at end of file Added: trunk/template/messages/thank.tpl =================================================================== --- trunk/template/messages/thank.tpl (rev 0) +++ trunk/template/messages/thank.tpl 2007-07-28 17:23:56 UTC (rev 17) 
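Review bot: The upload form has no `enctype="multipart/form-data"`, so the browser sends only the file name and `$_FILES['pic']` in `pics()` stays empty; the opening tag should read `<form action="profile.php?mode=pics&step=2" method="post" enctype="multipart/form-data">`. The hidden `MAX_FILE_SIZE` field is placed after the file input, where PHP does not apply it, and it is advisory in any case: `pics()` checks only `size < 1`, so the 2000000-byte limit should be enforced on the server as well. The form also has no submit control.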
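Review bot: In home.tpl `$key` is the user's `display_name`, which `register()` in profile.php escapes for SQL only, and the template echoes it into HTML unencoded, so markup in a display name would be rendered for every visitor of the home page; wrap it as `htmlspecialchars($key, ENT_QUOTES)` and encode `$value['id']` the same way. error.tpl (`$err`), thank.tpl (`$message`, `$go1`, `$res1`) and outer.tpl (`$title`, `$contents`) echo their variables unencoded too; the callers visible on this page pass literals, but encoding at output keeps that safe if a caller later passes request data. outer.tpl echoes `$contents` while `template::parse()` sets `content`, so the page body would come out empty.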
@@ -0,0 +1,3 @@ +<b>Thank you <?php echo $message; ?></b><br /><br /> +<a href="<?php echo $go1; ?>">Click here</a> <?php echo $res1; ?><br /> +<?php if(!empty($go2)) { ?> <a href="<?php echo $go2; ?>">Click here</a><?php echo $res2; ?></br ><?php } ?> \ No newline at end of file Added: trunk/template/outer.tpl =================================================================== --- trunk/template/outer.tpl (rev 0) +++ trunk/template/outer.tpl 2007-07-28 17:23:56 UTC (rev 17) @@ -0,0 +1,8 @@ +<html> + <head> + <title>Project Orange | <?php echo $title; ?></title> + </head> + <body> + <?php echo $contents; ?> + </body> +</html> \ No newline at end of file Added: trunk/template/read.tpl =================================================================== Added: trunk/template/send.tpl =================================================================== Added: trunk/viewspace.php =================================================================== --- trunk/viewspace.php (rev 0) +++ trunk/viewspace.php 2007-07-28 17:23:56 UTC (rev 17) 
@@ -0,0 +1,23 @@
+<?php
+/*******************************************************
+ * Copyright (C) 2007 http://p3net.net
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id: viewspace.php 7 2007-07-27 20:05:38Z p3net.tech $
+*********************************************************/
+/* Todo: If no id is set or id is yours, show you owner view instead
+ Alternatively, actual view will be shown if &view=real is appended*/
+?>
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <p3...@us...> - 2007-07-28 21:16:51
Revision: 19 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=19&view=rev Author: p3net Date: 2007-07-28 14:16:51 -0700 (Sat, 28 Jul 2007) Log Message: ----------- First round of bugfixes Modified Paths: -------------- trunk/functions/db.php trunk/functions/session.php trunk/gallery.php trunk/globals.php trunk/images.php Modified: trunk/functions/db.php =================================================================== --- trunk/functions/db.php 2007-07-28 17:26:17 UTC (rev 18) +++ trunk/functions/db.php 2007-07-28 21:16:51 UTC (rev 19) @@ -1,4 +1,4 @@ -<?php +<?php /******************************************************* * Copyright (C) 2007 http://p3net.net 
@@ -14,46 +14,47 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -$this =& new db; -class db -{ - function db() - { - require_once('./../config.php'); - - $db = mysql_connect($db_info['host'], $db_info['user'], $db_info['pass']); - if(!$db) - { - $error->general('Could not Connect to Database', mysql_error()); - } - else - { - if(!mysql_select_db($db_info['name'])) - { - $error->general('Could not Select Database', mysql_error()); - } - } - } - function query($query) - { - $query = mysql_query($query) - if(!$query) - { - $error->general('Could not query database', mysql_error()); - } - return $query; - } - function fetch_array($query) - { - $query = mysql_fetch_array($query); - if(!$query) - { - $error$db->general('Could not fetch array from database', mysql_error()); - } - return $query; -} + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 
+ + @id: $Id$ +*********************************************************/ +$this =& new db; +class db +{ + function db() + { + require_once('./../config.php'); + + $db = mysql_connect($db_info['host'], $db_info['user'], $db_info['pass']); + if(!$db) + { + $error->general('Could not Connect to Database', mysql_error()); + } + else + { + if(!mysql_select_db($db_info['name'])) + { + $error->general('Could not Select Database', mysql_error()); + } + } + } + function query($query) + { + $query = mysql_query($query); + if(!$query) + { + $error->general('Could not query database', mysql_error()); + } + return $query; + } + function fetch_array($query) + { + $query = mysql_fetch_array($query); + if(!$query) + { + $error->general('Could not fetch array from database', mysql_error()); + } + return $query; + } +} ?> \ No newline at end of file Modified: trunk/functions/session.php =================================================================== --- trunk/functions/session.php 2007-07-28 17:26:17 UTC (rev 18) +++ trunk/functions/session.php 2007-07-28 21:16:51 UTC (rev 19) @@ -1,4 +1,4 @@ -<?php +<?php /******************************************************* * Copyright (C) 2007 http://p3net.net 
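Review bot: Every failure branch in the new `db` class calls `$error->general(...)`, but `$error` is never brought into method scope, so a failed connect or query ends in a fatal error on an undefined variable instead of the logged error page. Adding `global $error;` as the first statement of `db()`, `query()` and `fetch_array()` fixes that here; the methods in session.php and gallery.php in this commit use `$db`, `$session`, `$user` and `$error` the same way. `fetch_array()` also treats the `false` that `mysql_fetch_array()` returns at the end of a result set as a failure, which would abort any caller that reads rows until none are left. `$this =& new db;` above the class assigns to `$this` outside an object, which PHP 5 rejects, and can be dropped because globals.php already creates `$db`.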
@@ -14,267 +14,267 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -/******************************************************** -The name here is a bit of a misnomer. The session class -handles all user-interaction related processes -- both -interaction between user and server and interaction -between user and user -**********************************************************/ -class session -{ - function create() - { - /* We don't have a session and aren't logged in. Let's create it */ - $id = md5(time() . rand(1,1000)); - /* Check to make sure it's unique */ - $_query="INSERT INTO `sessions` VALUES('" . $id . "', '-1', '" . $REMOTE_ADDR . "', '" . time() . "')"; - $db->query($_query); - $_COOKIE["session_id"] = $id; - } - function check() - { - /* We need to check if a session exists by looking for the session cookie. If that's not there, - then we return false (since the user isn't logged in). We also match the IP */ - $ip = $REMOTE_ADDR; - $_query = "SELECT * FROM `sessions` WHERE `ip` = '" . $ip . "'"; - $res = $db->query($_query); - if(mysql_num_rows($res) == 0) - { - $session->create(); - } - else - { - /* Get an array of our session info */ - $res = $db->fetch_array($res); - if($res['id'] != $_COOKIE["session_id"]) - { - $session->create(); - } - else - { - foreach($res as $key => $value) - { - $user->data[$key] = $value; - } - /* Update our updated time */ - $_query="UPDATE `sessions` SET `last_update` = '" . time() . "' WHERE `id` = '" . $user->data['id'] . "' LIMIT 1"; - $db->query($_query); - } - } - /* We also need to get rid of users who haven't done anything in the last half-hour */ - $_query = "DELETE * FROM `sessions` WHERE `last_update` < " . 
(time() - (60*30)); - $db->query($_query); - } - function logged_in() - { - if($user->data['id'] != "-1") - { - return true; - } - else - { - return false; - } - } - function login($user_id) - { - $session->check(); - if($session->logged_in()) - { - /* Wait - what? */ - $error->general("Already logged in", "Session already populated"); - } - else - { - $_query = "UPDATE `sessions` SET `user_id` = '" . $user_id . "' WHERE `id` = '" . $_COOKIE["session_id"] . " LIMIT 1"; - $db->query($_query); - /* Run the session check again. It'll make the row and populate $user->data */ - $session->check(); - } - } - function logout() - { - if($session->logged_in()) - { - $_query = "UPDATE `sessions` SET `user_id` = '-1' WHERE `id` = '" . $user->data['id'] . "' AND `ip` = '" . $user->data['ip'] . "' LIMIT 1"; - $db->query($_query); - $user->data = null; - } - else - { - $error->general('Not logged in', 'User ID = -1'); - } - } - function is_friend($id) - { - if(!$user->logged_in()) - { - return false; - } - else - { - $_query = "SELECT * FROM `friends` WHERE `party_1` = '" . $user->data['user_id'] . "' AND AND `party_2`='" . $id . "' AND `accepted`='1'"; - $_query = $db->query($_query); - if(mysql_num_rows($_query) > 0) - { - return true; - } - else - { - $_query = "SELECT * FROM `friends` WHERE `party_2` = '" . $user->data['user_id'] . "' AND `party_1`='" . $id . "' AND `accepted`='1'"; - $_query = $db->query($_query); - if(mysql_num_rows($_query) > 0) - { - return true; - } - else - { - return false; - } - } - } - } - function action($action, $who="") - { - /*List of actions: - 1. Updated Space - 2. Left you a comment - 3. Left a comment on one of your pictures - 4. Uploaded a picture - 5. Added you as a friend - 6. New blog post - 7. Left you a comment on a blog post - 8. Joined a group - 9. Created a group */ - $_query="INSERT INTO `actions` VALUES('" . time() . "', '" . $user->data['user_id'] . "', '" . $action . "', '" . $who . 
"')"; - $db->query($_query); - return true; - } - function add_friend($id) - { - if(!$user->logged_in()) - { - $error->general("Not logged in", "Add as friend"); - } - else - { - if($user->is_friend($id)) - { - $error->general("Already friend", "Add as friend"); - } - else - { - $_query = "SELECT * FROM `friends` WHERE `party_1`='" . $user->data['user_id'] . " AND `party_2`='" . $id . "'"; - $_query=$db->query($_query); - if(mysql_num_rows($_query) > 0) - { - $error->general("Already added as friend, awaiting acception", "Add as friend"); - } - else - { - $_query = "SELECT * FROM `friends` WHERE `party_2`='" . $user->data['user_id'] . " AND `party_1`='" . $id . "'"; - $_query=$db->query($_query); - if(mysql_num_rows($_query) > 0) - { - $error->general("User has already added you as a friend. Accept them in your friend control panel.", "Add as friend"); - } - else - { - $_query="INSERT INTO `friends` VALUES('" . $user->data['user_id'] . "', '" . $id . "', '0'"; - $db->query($_query); - $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)"); - } - } - } - } - } - function accept_friend($id) - { - $_query="UPDATE `friends` SET `accepted`='1' WHERE `party_2`='" . $data->user['user_id'] . "' AND `party_1='" . $id . "' LIMIT 1"; - $db->query($_query); - $user->action(5, $id); - } - function can_view($id) - { - /*We're simply checking whether or not we have the permissions to view this space */ - /*First we need to figure out what the space privacy setting is*/ - $_query="SELECT `privacy` FROM `users` WHERE `id`='" . $id . 
"' LIMIT 1"; - $_query=$db->query($_query); - $_query=$db->fetch_array($_query); - $res=$_query['privacy']; - if($res == '0') - { - /*All users can view this space*/ - return true; - } - else - { - /*We need to check if we're they're friend*/ - if($session->is_friend($id)) - { - return true; - } - else - { - return false; - } - } - } - function add_comment($id) - { - if($session->is_friend($id)) - { - /*Okay, we have permission to leave this comment*/ - foreach($_POST as $key => $value) - { - $var[$key] = mysql_real_escape_string($value); - } - $_query="INSERT INTO `comments` VALUES('', '" . time() . "', '" . $user->data['user_id'] . "', '" . $id . "', '" . $var['body'] . - "'"; - $db->query($_query); - $session->action('2', $id); - } - } - function get_username($id) - { - $_query="SELECT `display_name` FROM `users` WHERE `id`='" . $id . "'"; - $_query=$db->query($_query); - $res=$db->fetch_array($_query); - return $res['display_name']; - } - function add_image_comment($id) - { - $owner = "SELECT `owner` FROM `images` WHERE `id`='" . $id . "'"; - $owner = $db->query($owner); - $owner = $db->fetch_array($owner); - $owner = $owner['owner']; - if($session->is_friend($owner) - { - foreach($_POST as $key => value) - { - $var[$key] = mysql_real_escape_string($value); - } - $_query="INSERT INTO `image_comments` VALUES('', '" . $id . "', '" . time() . "', '" . $user->data['user_id'] . "', '" . $var['comment'] . "'"; - $db->query($_query); - } - } - function generate_timestamp($time) - { - if($session->logged_in()) - { - $_query="SELECT `time_offset` FROM `users` WHERE `id`='" . $user->data['user_id'] . "'"; - $_query=$db->query($_query); - $_query=$db->fetch_array($_query); - $offset=$_query['time_offset']; - - $diff = $offset * 60 * 60; - } - $time = $time + $diff; - return date('m/d/Y G:i:s', $time); - } -} + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 
+ + @id: $Id$ +*********************************************************/ +/******************************************************** +The name here is a bit of a misnomer. The session class +handles all user-interaction related processes -- both +interaction between user and server and interaction +between user and user +**********************************************************/ +class session +{ + function create() + { + /* We don't have a session and aren't logged in. Let's create it */ + $id = md5(time() . rand(1,1000)); + /* Check to make sure it's unique */ + $_query="INSERT INTO `sessions` VALUES('" . $id . "', '-1', '" . $REMOTE_ADDR . "', '" . time() . "')"; + $db->query($_query); + $_COOKIE["session_id"] = $id; + } + function check() + { + /* We need to check if a session exists by looking for the session cookie. If that's not there, + then we return false (since the user isn't logged in). We also match the IP */ + $ip = $REMOTE_ADDR; + $_query = "SELECT * FROM `sessions` WHERE `ip` = '" . $ip . "'"; + $res = $db->query($_query); + if(mysql_num_rows($res) == 0) + { + $session->create(); + } + else + { + /* Get an array of our session info */ + $res = $db->fetch_array($res); + if($res['id'] != $_COOKIE["session_id"]) + { + $session->create(); + } + else + { + foreach($res as $key => $value) + { + $user->data[$key] = $value; + } + /* Update our updated time */ + $_query="UPDATE `sessions` SET `last_update` = '" . time() . "' WHERE `id` = '" . $user->data['id'] . "' LIMIT 1"; + $db->query($_query); + } + } + /* We also need to get rid of users who haven't done anything in the last half-hour */ + $_query = "DELETE * FROM `sessions` WHERE `last_update` < " . (time() - (60*30)); + $db->query($_query); + } + function logged_in() + { + if($user->data['id'] != "-1") + { + return true; + } + else + { + return false; + } + } + function login($user_id) + { + $session->check(); + if($session->logged_in()) + { + /* Wait - what? 
*/ + $error->general("Already logged in", "Session already populated"); + } + else + { + $_query = "UPDATE `sessions` SET `user_id` = '" . $user_id . "' WHERE `id` = '" . $_COOKIE["session_id"] . " LIMIT 1"; + $db->query($_query); + /* Run the session check again. It'll make the row and populate $user->data */ + $session->check(); + } + } + function logout() + { + if($session->logged_in()) + { + $_query = "UPDATE `sessions` SET `user_id` = '-1' WHERE `id` = '" . $user->data['id'] . "' AND `ip` = '" . $user->data['ip'] . "' LIMIT 1"; + $db->query($_query); + $user->data = null; + } + else + { + $error->general('Not logged in', 'User ID = -1'); + } + } + function is_friend($id) + { + if(!$user->logged_in()) + { + return false; + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_1` = '" . $user->data['user_id'] . "' AND AND `party_2`='" . $id . "' AND `accepted`='1'"; + $_query = $db->query($_query); + if(mysql_num_rows($_query) > 0) + { + return true; + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_2` = '" . $user->data['user_id'] . "' AND `party_1`='" . $id . "' AND `accepted`='1'"; + $_query = $db->query($_query); + if(mysql_num_rows($_query) > 0) + { + return true; + } + else + { + return false; + } + } + } + } + function action($action, $who="") + { + /*List of actions: + 1. Updated Space + 2. Left you a comment + 3. Left a comment on one of your pictures + 4. Uploaded a picture + 5. Added you as a friend + 6. New blog post + 7. Left you a comment on a blog post + 8. Joined a group + 9. Created a group */ + $_query="INSERT INTO `actions` VALUES('" . time() . "', '" . $user->data['user_id'] . "', '" . $action . "', '" . $who . 
"')"; + $db->query($_query); + return true; + } + function add_friend($id) + { + if(!$user->logged_in()) + { + $error->general("Not logged in", "Add as friend"); + } + else + { + if($user->is_friend($id)) + { + $error->general("Already friend", "Add as friend"); + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_1`='" . $user->data['user_id'] . " AND `party_2`='" . $id . "'"; + $_query=$db->query($_query); + if(mysql_num_rows($_query) > 0) + { + $error->general("Already added as friend, awaiting acception", "Add as friend"); + } + else + { + $_query = "SELECT * FROM `friends` WHERE `party_2`='" . $user->data['user_id'] . " AND `party_1`='" . $id . "'"; + $_query=$db->query($_query); + if(mysql_num_rows($_query) > 0) + { + $error->general("User has already added you as a friend. Accept them in your friend control panel.", "Add as friend"); + } + else + { + $_query="INSERT INTO `friends` VALUES('" . $user->data['user_id'] . "', '" . $id . "', '0'"; + $db->query($_query); + $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)"); + } + } + } + } + } + function accept_friend($id) + { + $_query="UPDATE `friends` SET `accepted`='1' WHERE `party_2`='" . $data->user['user_id'] . "' AND `party_1='" . $id . "' LIMIT 1"; + $db->query($_query); + $user->action(5, $id); + } + function can_view($id) + { + /*We're simply checking whether or not we have the permissions to view this space */ + /*First we need to figure out what the space privacy setting is*/ + $_query="SELECT `privacy` FROM `users` WHERE `id`='" . $id . 
"' LIMIT 1"; + $_query=$db->query($_query); + $_query=$db->fetch_array($_query); + $res=$_query['privacy']; + if($res == '0') + { + /*All users can view this space*/ + return true; + } + else + { + /*We need to check if we're they're friend*/ + if($session->is_friend($id)) + { + return true; + } + else + { + return false; + } + } + } + function add_comment($id) + { + if($session->is_friend($id)) + { + /*Okay, we have permission to leave this comment*/ + foreach($_POST as $key => $value) + { + $var[$key] = mysql_real_escape_string($value); + } + $_query="INSERT INTO `comments` VALUES('', '" . time() . "', '" . $user->data['user_id'] . "', '" . $id . "', '" . $var['body'] . + "'"; + $db->query($_query); + $session->action('2', $id); + } + } + function get_username($id) + { + $_query="SELECT `display_name` FROM `users` WHERE `id`='" . $id . "'"; + $_query=$db->query($_query); + $res=$db->fetch_array($_query); + return $res['display_name']; + } + function add_image_comment($id) + { + $owner = "SELECT `owner` FROM `images` WHERE `id`='" . $id . "'"; + $owner = $db->query($owner); + $owner = $db->fetch_array($owner); + $owner = $owner['owner']; + if($session->is_friend($owner)) + { + foreach($_POST as $key => $value) + { + $var[$key] = mysql_real_escape_string($value); + } + $_query="INSERT INTO `image_comments` VALUES('', '" . $id . "', '" . time() . "', '" . $user->data['user_id'] . "', '" . $var['comment'] . "'"; + $db->query($_query); + } + } + function generate_timestamp($time) + { + if($session->logged_in()) + { + $_query="SELECT `time_offset` FROM `users` WHERE `id`='" . $user->data['user_id'] . 
"'"; + $_query=$db->query($_query); + $_query=$db->fetch_array($_query); + $offset=$_query['time_offset']; + + $diff = $offset * 60 * 60; + } + $time = $time + $diff; + return date('m/d/Y G:i:s', $time); + } +} ?> \ No newline at end of file Modified: trunk/gallery.php =================================================================== --- trunk/gallery.php 2007-07-28 17:26:17 UTC (rev 18) +++ trunk/gallery.php 2007-07-28 21:16:51 UTC (rev 19) @@ -1,4 +1,4 @@ -<?php +<?php /******************************************************* * Copyright (C) 2007 http://p3net.net 
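Review bot: `create()` derives the session id from `md5(time() . rand(1,1000))`, which leaves about a thousand candidates for any given second, and stores it with `$_COOKIE["session_id"] = $id;`, which only changes the local array and never sends a cookie to the browser. The id should come from a cryptographically secure random source and be sent with `setcookie()`, and `check()` should then look the row up by that id rather than by `ip` alone, since clients sharing an address currently collide on one row. `login()` concatenates `$_COOKIE["session_id"]` into its UPDATE unescaped, and `add_comment()`, `add_image_comment()`, `get_username()` and `can_view()` concatenate their `$id` argument without escaping it themselves, so these values need escaping or an integer cast before they reach SQL. `$REMOTE_ADDR` is not defined inside the methods; `$_SERVER['REMOTE_ADDR']` is the reliable source. Several query strings are still malformed after this bugfix round, e.g. `DELETE * FROM` in `check()`, `AND AND` in `is_friend()` and the missing closing quote before `LIMIT 1` in `login()`.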
@@ -14,102 +14,102 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -class gallery -{ - function view($id) - { - if($id == 0) - { - $error->general('Must be logged in!', 'Tried to access gallery as owner while unauthenticated'); - } - else - { - if($session->is_friend($id)) - { - $_query="SELECT `id` FROM `images` WHERE `owner`='" . $id . "'"; - $_query=$db->query($_query); - $_query=$db->fetch_array($_query); - $gallery =& new template('gallery.tpl'); - $gallery->set('gallery', $_query); - } - } - } - function drill($img_id, $owner) - { - if(empty($img_id)) - { - $error->general('An image must be specified', 'Tried to access drill without specifying image id'); - } - else - { - if($session->is_friend($owner)) - { - $_query = "SELECT * FROM `images` WHERE `id`='" . $img_id . "'"; - $img = $db->query($_query); - - $_query = "SELECT * FROM `images_comments` WHERE `image`='" . $img_id . "'"; - $img_com = $db->query($_query); - - foreach($db->fetch_array($img_com) as $key => value) - { - foreach($value as $key_name => $key_value) - { - if($key_value == 'author') - { - $key_value = $session->get_username($key_value); - } - $com[$key_name] = $key_value; - } - } - $img=$db->fetch_array($img); - if(isset($user->data['user_id'] && $user->data['user_id'] != $img['owner']) - { - $img['views']++; - $_query="UPDATE `images` SET `views`='" . $views . "' WHERE `id`='" . $img_id . 
"'"; - $db->query($_query); - } - $drill =& new template('drill.tpl'); - $drill->set('id', $img_id); - $drill->set('comments', $com); - $drill->set('views', $img['views']); - $drill->set('desc', $img['desc']); - $drill->set('name', $img['name']); - } - } - } - function comment($id, $owner) - { - if($session->is_friend($owner)) - { - $form =& new template('forms/gallery_comment.tpl'); - } - } - function comment_process() - { - $img_id=$_POST["id"]; - $session->add_image_comment($img_id); - } -} -$gallery =& new gallery; -$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"]; -$id = empty($_GET["id"]) ? ($session->logged_in() ? $user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]); -switch $mode -{ - case 'view': - $gallery->view($id); - break; - case 'drill': - $gallery->drill(mysql_real_escape_string($_GET["img"]), $id); - break; - case 'comment': - $gallery->comment($id, $owner_id); - break; - case 'process': - $gallery->comment_process(); - break; -} + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id$ +*********************************************************/ +class gallery +{ + function view($id) + { + if($id == 0) + { + $error->general('Must be logged in!', 'Tried to access gallery as owner while unauthenticated'); + } + else + { + if($session->is_friend($id)) + { + $_query="SELECT `id` FROM `images` WHERE `owner`='" . $id . "'"; + $_query=$db->query($_query); + $_query=$db->fetch_array($_query); + $gallery =& new template('gallery.tpl'); + $gallery->set('gallery', $_query); + } + } + } + function drill($img_id, $owner) + { + if(empty($img_id)) + { + $error->general('An image must be specified', 'Tried to access drill without specifying image id'); + } + else + { + if($session->is_friend($owner)) + { + $_query = "SELECT * FROM `images` WHERE `id`='" . $img_id . "'"; + $img = $db->query($_query); + + $_query = "SELECT * FROM `images_comments` WHERE `image`='" . $img_id . 
"'"; + $img_com = $db->query($_query); + + foreach($db->fetch_array($img_com) as $key => $value) + { + foreach($value as $key_name => $key_value) + { + if($key_value == 'author') + { + $key_value = $session->get_username($key_value); + } + $com[$key_name] = $key_value; + } + } + $img=$db->fetch_array($img); + if(isset($user->data['user_id'] && $user->data['user_id'] != $img['owner']) + { + $img['views']++; + $_query="UPDATE `images` SET `views`='" . $views . "' WHERE `id`='" . $img_id . "'"; + $db->query($_query); + } + $drill =& new template('drill.tpl'); + $drill->set('id', $img_id); + $drill->set('comments', $com); + $drill->set('views', $img['views']); + $drill->set('desc', $img['desc']); + $drill->set('name', $img['name']); + } + } + } + function comment($id, $owner) + { + if($session->is_friend($owner)) + { + $form =& new template('forms/gallery_comment.tpl'); + } + } + function comment_process() + { + $img_id=$_POST["id"]; + $session->add_image_comment($img_id); + } +} +$gallery =& new gallery; +$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"]; +$id = empty($_GET["id"]) ? ($session->logged_in() ? $user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]); +switch $mode +{ + case 'view': + $gallery->view($id); + break; + case 'drill': + $gallery->drill(mysql_real_escape_string($_GET["img"]), $id); + break; + case 'comment': + $gallery->comment($id, $owner_id); + break; + case 'process': + $gallery->comment_process(); + break; +} ?> \ No newline at end of file Modified: trunk/globals.php =================================================================== --- trunk/globals.php 2007-07-28 17:26:17 UTC (rev 18) +++ trunk/globals.php 2007-07-28 21:16:51 UTC (rev 19) @@ -1,4 +1,4 @@ -<?php +<?php /******************************************************* * Copyright (C) 2007 http://p3net.net 
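Review bot: `comment_process()` hands `$_POST["id"]` to `$session->add_image_comment()` unescaped, and that method (session.php, same commit) concatenates it into a SELECT and an INSERT; the `view` and `drill` branches at least run `mysql_real_escape_string` on their ids, so this path is the odd one out. Casting at the boundary, `$img_id = (int) $_POST["id"];`, closes it. The file also still fails to parse: `isset($user->data['user_id'] && ...` in `drill()` lacks a closing parenthesis, and `switch $mode` needs `switch ($mode)`. In `drill()` the UPDATE writes `$views`, which is never assigned (`$img['views']` looks intended), and the `comment` branch passes `$owner_id`, which is not defined anywhere in the visible file.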
@@ -14,50 +14,53 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -/* Include our larger functions */ -require_once('./functions/db.php'); -require_once('./functions/template.php'); -require_once('./session.php'); - -/*The smaller ones*/ -class error -{ - function general($err, $verbose) - { - $error =& new template('messages/error.tpl'); - $error->set('err', $err); - $handle = fopen('logs/errors.txt', 'w'); - if($handle) - { - $entry = "[" . date('d M Y H:i:s') . "][" . $REMOTE_ADDR . "] " . $err . " - " . $verbose; - if(!fwrite($handle, $entry)) - { - continue(); - } - } - fclose($handle); - exit(); - } -} -function message -{ - function thank($message, $go1, $res1, $go2="", $res2="") - { - $message =& new template('message/thank.tpl'); - $message->set('go1', $go1); - $message->set('go2', $go2); - $message->set('res1', $res1); - $message->set('res2', $res2); - $message->set('message', $message); - } -} -$error =& new error; -$db =& new db; -$template =& new template; -$user =& new session(); + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id$ +*********************************************************/ +/* Include our larger functions */ +require_once('./functions/template.php'); +$template =& new template; +require_once('./functions/session.php'); +$user =& new session(); + +/*The smaller ones*/ +class error +{ + function general($err, $verbose) + { + $error =& new template('messages/error.tpl'); + $error->set('err', $err); + $handle = fopen('logs/errors.txt', 'w'); + if($handle) + { + $entry = "[" . date('d M Y H:i:s') . "][" . $REMOTE_ADDR . "] " . $err . " - " . 
$verbose; + if(!fwrite($handle, $entry)) + { + continue; + } + } + fclose($handle); + exit(); + } +} +class message +{ + function thank($message, $go1, $res1, $go2="", $res2="") + { + $message =& new template('message/thank.tpl'); + $message->set('go1', $go1); + $message->set('go2', $go2); + $message->set('res1', $res1); + $message->set('res2', $res2); + $message->set('message', $message); + } +} +/* To satisfy ZDE */ +require_once('./functions/db.php'); +$db =& new db; + +/* Our functions living in globals.php */ +$error =& new error; $message =& new message(); ?> \ No newline at end of file Modified: trunk/images.php =================================================================== --- trunk/images.php 2007-07-28 17:26:17 UTC (rev 18) +++ trunk/images.php 2007-07-28 21:16:51 UTC (rev 19) @@ -1,4 +1,4 @@ -<?php +<?php /******************************************************* * Copyright (C) 2007 http://p3net.net 
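Review bot: `error::general()` opens the log with `fopen('logs/errors.txt', 'w')`, which truncates the file on every call, so only the most recent error survives and earlier entries are lost to anyone investigating later; `'a'` appends, and each entry needs a trailing `"\n"`. `continue;` in the `fwrite` failure branch is outside any loop, which is a fatal error in PHP 5, and `fclose($handle)` runs even when `fopen` returned `false`. `$REMOTE_ADDR` is undefined in this scope, so the IP field of each entry stays empty; `$_SERVER['REMOTE_ADDR']` is the reliable source. In `message::thank()` the `$message` parameter is overwritten by the template object before `set('message', $message)` runs, and the path `message/thank.tpl` does not match the `messages/thank.tpl` file added in revision 17.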
@@ -14,97 +14,95 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -include('globals.php'); -class image -{ - function full($id) - { - $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; - if(empty($id)) - { - $error->general("Invalid ID specified", "Not an (int)"); - } - $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'"; - $img=$db->fetch_array($db->query($_query)); - - header('Content-type: ' . $img['mine_type']); - header('Content-Disposition: attachment; filename=' . $img['name']); - echo $img['content']; - } - function thumb($id) - { - $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; - if(empty($id)) - { - $error->general("Invalid ID specified", "Not an (int)"); - } - $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'"; - $img=$db->fetch_array($db->query($_query)); - - /* We're going to resize the larger dimension to 150px */ - if($img['width'] > $img['height']) - { - $scale_percentage = $img['width'] / 150; - } - else - { - $scale_percentage = $img['height'] / 150; - } - $new_dimensions = array( - 'width' => ($scale_percentage < 1) ? $img['width'] * $scale_percentage : $img['width'], - 'height' => ($scale_percentage < 1) ? $img['height'] * $scale_percentage : $img['height'] - ); - header('Content-type: ' . $img['mine_type']); - header('Content-Disposition: attachment; filename=' . 
$img['name']); - - $type = explode("/", $img['mine_type']); - $type = $type[1]; - switch $type - { - case 'jpeg': - $new_image = imagecreatefromjpeg($img['content']); - break; - case 'png': - $new_image = imagecreatefrompng($img['content']); - break; - case 'gif': - $new_image = imagecreatefromgif($img['content']); - break; - } - $res = imagecreatetruecolor($new_dimensions['width'], $new_dimensions['height']); - imagecopyresized($res, $new_image, 0, 0, 0, 0, $new_dimensions['width'], $new_dimensions['height'], $img['width'], $img['height']); - - switch $type - { - case 'jpeg': - imagejpeg($res); - break; - case 'png': - imagepng($res); - break; - case 'gif': - imagegif($res); - break; - } - } -} - -$this =& new image; - -/* Actually handle the data here */ -$mode=$_GET["mode"]; -switch $mode -{ - case 'view': - $this->full(); - break; - - case 'thumb': - $this->thumb(); - break; -} + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id$ +*********************************************************/ +include('globals.php'); +class image +{ + function full($id) + { + $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; + if(empty($id)) + { + $error->general("Invalid ID specified", "Not an (int)"); + } + $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'"; + $img=$db->fetch_array($db->query($_query)); + + header('Content-type: ' . $img['mine_type']); + header('Content-Disposition: attachment; filename=' . $img['name']); + echo $img['content']; + } + function thumb($id) + { + $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; + if(empty($id)) + { + $error->general("Invalid ID specified", "Not an (int)"); + } + $_query = "SELECT * FROM `images` WHERE `id`='" . $id . 
"'"; + $img=$db->fetch_array($db->query($_query)); + + /* We're going to resize the larger dimension to 150px */ + if($img['width'] > $img['height']) + { + $scale_percentage = $img['width'] / 150; + } + else + { + $scale_percentage = $img['height'] / 150; + } + $new_dimensions = array( + 'width' => ($scale_percentage < 1) ? $img['width'] * $scale_percentage : $img['width'], + 'height' => ($scale_percentage < 1) ? $img['height'] * $scale_percentage : $img['height'] + ); + header('Content-type: ' . $img['mine_type']); + header('Content-Disposition: attachment; filename=' . $img['name']); + + $type = explode("/", $img['mine_type']); + $type = $type[1]; + switch($type) + { + case 'jpeg': + $new_image = imagecreatefromjpeg($img['content']); + break; + case 'png': + $new_image = imagecreatefrompng($img['content']); + break; + case 'gif': + $new_image = imagecreatefromgif($img['content']); + break; + } + $res = imagecreatetruecolor($new_dimensions['width'], $new_dimensions['height']); + imagecopyresized($res, $new_image, 0, 0, 0, 0, $new_dimensions['width'], $new_dimensions['height'], $img['width'], $img['height']); + + switch($type) + { + case 'jpeg': + imagejpeg($res); + break; + case 'png': + imagepng($res); + break; + case 'gif': + imagegif($res); + break; + } + } +} + +/* Actually handle the data here */ +$mode=empty($_GET["mode"]) ? '' : $_GET["mode"]; +switch($mode) +{ + case 'view': + $this->full(); + break; + + case 'thumb': + $this->thumb(); + break; +} ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
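Review bot: Both `full()` and `thumb()` copy stored column values straight into response headers: `Content-type` is whatever is in `mine_type`, and `Content-Disposition` carries `$img['name']` unquoted. If those columns hold what the browser sent at upload time (profile.php, further down this page, stores `$_FILES['pic']['type']` and `['name']`), the uploader controls the served content type and file name. Emit the type from a fixed allow-list of `image/jpeg`, `image/png` and `image/gif`, and quote a cleaned name, e.g. `header('Content-Disposition: attachment; filename="' . preg_replace('/[^A-Za-z0-9._-]/', '_', $img['name']) . '"');`. Separately, the commit drops `$this =& new image;` while the dispatcher still calls `$this->full()` and `$this->thumb()`, with no `$id` argument and no object to call them on.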
From: <p3...@us...> - 2007-07-29 06:10:52
Revision: 20 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=20&view=rev Author: p3net Date: 2007-07-28 23:10:45 -0700 (Sat, 28 Jul 2007) Log Message: ----------- As per request, document what every function actually does Modified Paths: -------------- trunk/functions/db.php trunk/functions/session.php trunk/gallery.php trunk/globals.php trunk/images.php trunk/profile.php Modified: trunk/functions/db.php =================================================================== --- trunk/functions/db.php 2007-07-28 21:16:51 UTC (rev 19) +++ trunk/functions/db.php 2007-07-29 06:10:45 UTC (rev 20) @@ -21,6 +21,11 @@ $this =& new db; class db { + /* + Function Name: db + Arguments: none + Purpose: Instantiate db class and connect to db + */ function db() { require_once('./../config.php'); @@ -38,6 +43,11 @@ } } } + /* + Function Name: query + Arguments: (string) query -- SQL query + Purpose: Run an SQL query + */ function query($query) { $query = mysql_query($query); @@ -47,6 +57,11 @@ } return $query; } + /* + Function Name: fetch_array + Arguments: (object) query + Purpose: Fetch array results of SQL query + */ function fetch_array($query) { $query = mysql_fetch_array($query); Modified: trunk/functions/session.php =================================================================== --- trunk/functions/session.php 2007-07-28 21:16:51 UTC (rev 19) +++ trunk/functions/session.php 2007-07-29 06:10:45 UTC (rev 20) @@ -26,6 +26,11 @@ **********************************************************/ class session { + /* + Function Name: create + Arguments: none + Purpose: create session + */ function create() { /* We don't have a session and aren't logged in. Let's create it */ @@ -35,6 +40,11 @@ $db->query($_query); $_COOKIE["session_id"] = $id; } + /* + Function Name: check + Arguments: none + Purpose: Check if a session exists + */ function check() { /* We need to check if a session exists by looking for the session cookie. If that's not there, 
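Review bot: The comment added above `query()` should state the trust boundary: the body hands `$query` to `mysql_query()` unchanged, so every caller is responsible for escaping the values it concatenates. I would extend the comment with a line such as `Note: the string is executed as-is; escape every value before building it`. The `fetch_array` comment describes its argument as `(object) query`, while the value passed in is what `query()` returned from `mysql_query()`; `(resource) result` would be more accurate. Both function bodies continue outside their hunks.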
@@ -69,6 +79,11 @@ $_query = "DELETE * FROM `sessions` WHERE `last_update` < " . (time() - (60*30)); $db->query($_query); } + /* + Function Name: logged_in + Arguments: none + Purpose: check if user is logged in + */ function logged_in() { if($user->data['id'] != "-1") @@ -80,6 +95,11 @@ return false; } } + /* + Function Name: login + Arguments: (int) user_id -- ID of user to login + Purpose: Updates session table to reflect that a user is logged in + */ function login($user_id) { $session->check(); @@ -96,6 +116,11 @@ $session->check(); } } + /* + Function Name: logout + Arguments: none + Purpose: Edit session table to reflect that user is logged out + */ function logout() { if($session->logged_in()) @@ -109,6 +134,11 @@ $error->general('Not logged in', 'User ID = -1'); } } + /* + Function Name: is_friend + Arguments: (int) id -- ID of our suspected friend + Purpose: Check if user is your friend + */ function is_friend($id) { if(!$user->logged_in()) @@ -138,6 +168,11 @@ } } } + /* + Function Name: action + Arguments: (int) action -- Add action to action table; (int) who -- ID of friend action is made towards. If unspecified, applies to all + Purpose: + */ function action($action, $who="") { /*List of actions: @@ -154,6 +189,11 @@ $db->query($_query); return true; } + /* + Function Name: add_friend + Arguments: (int) id -- ID of user to add as our friend + Purpose: Add user as (unapproved) friend + */ function add_friend($id) { if(!$user->logged_in()) 
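Review bot: The comment added above `action()` leaves `Purpose:` empty and puts the purpose text into the description of the first argument (`(int) action -- Add action to action table`). Suggested wording: `Arguments: (int) action -- action type, see the list in the body; (int) who -- ID of the user the action is directed at` and `Purpose: Record an action by the current user in the actions table`. The `thank` comment in the globals.php hunk of this commit has the same empty `Purpose:` line. The body of `action()` continues outside the hunk.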
@@ -192,12 +232,22 @@ } } } + /* + Function Name: accept_friend + Arguments: (int) id -- ID of user to accept as friend + Purpose: Accept friend + */ function accept_friend($id) { $_query="UPDATE `friends` SET `accepted`='1' WHERE `party_2`='" . $data->user['user_id'] . "' AND `party_1='" . $id . "' LIMIT 1"; $db->query($_query); $user->action(5, $id); } + /* + Function Name: can_view + Arguments: (int) id -- ID of user who permissions are being checked for + Purpose: Check if we have permissions to view this users space + */ function can_view($id) { /*We're simply checking whether or not we have the permissions to view this space */ @@ -224,6 +274,11 @@ } } } + /* + Function Name: add_coment + Arguments: (int) id -- ID of user who comment is directed to + Purpose: Add comment + */ function add_comment($id) { if($session->is_friend($id)) @@ -239,6 +294,11 @@ $session->action('2', $id); } } + /* + Function Name: get_username + Arguments: (int) id -- User ID + Purpose: Fetch username of user based on their unique ID + */ function get_username($id) { $_query="SELECT `display_name` FROM `users` WHERE `id`='" . $id . "'"; @@ -246,6 +306,11 @@ $res=$db->fetch_array($_query); return $res['display_name']; } + /* + Function Name: add_image_comment + Arguments: (int) id -- Image ID + Purpose: Add comment to image + */ function add_image_comment($id) { $owner = "SELECT `owner` FROM `images` WHERE `id`='" . $id . "'"; @@ -262,6 +327,11 @@ $db->query($_query); } } + /* + Function Name: generate_timestamp + Arguments: (int) time -- time to parse + Purpose: Generate datestamp of time passed, taking user's time offset into consideration + */ function generate_timestamp($time) { if($session->logged_in()) Modified: trunk/gallery.php =================================================================== --- trunk/gallery.php 2007-07-28 21:16:51 UTC (rev 19) +++ trunk/gallery.php 2007-07-29 06:10:45 UTC (rev 20) 
@@ -20,6 +20,11 @@ *********************************************************/ class gallery { + /* + Function Name: view + Arguments: (int) id -- ID of user + Purpose: View gallery of user + */ function view($id) { if($id == 0) @@ -38,6 +43,11 @@ } } } + /* + Function Name: drill + Arguments: (int) img_id -- ID of image to view; (int) owner -- ID of image uploader + Purpose: View fullsize image/comments of specific image + */ function drill($img_id, $owner) { if(empty($img_id)) @@ -81,6 +91,11 @@ } } } + /* + Function Name: comment + Arguments: (int) id -- Image ID; (int) owner -- Image owner ID + Purpose: Display comment form + */ function comment($id, $owner) { if($session->is_friend($owner)) @@ -88,6 +103,11 @@ $form =& new template('forms/gallery_comment.tpl'); } } + /* + Function Name: comment_process + Arguments: none + Purpose: Insert image comment into database + */ function comment_process() { $img_id=$_POST["id"]; Modified: trunk/globals.php =================================================================== --- trunk/globals.php 2007-07-28 21:16:51 UTC (rev 19) +++ trunk/globals.php 2007-07-29 06:10:45 UTC (rev 20) @@ -27,6 +27,11 @@ /*The smaller ones*/ class error { + /* + Function Name: general + Arguments: (string) err -- Error to be printed; (string) verbose -- Error to be written to error log + Purpose: Display error message and write record of error to log + */ function general($err, $verbose) { $error =& new template('messages/error.tpl'); 
@@ -46,6 +51,12 @@ } class message { + /* + Function Name: thank + Arguments: (string) message -- Thank you message; (string) go1 -- Page to proceed to; (string) res1 -- Desc of page; + (string) (optional) go2 -- Second option to proceed to; (string) (optional) res2 -- Desc of second page + Purpose: + */ function thank($message, $go1, $res1, $go2="", $res2="") { $message =& new template('message/thank.tpl'); Modified: trunk/images.php =================================================================== --- trunk/images.php 2007-07-28 21:16:51 UTC (rev 19) +++ trunk/images.php 2007-07-29 06:10:45 UTC (rev 20) @@ -21,6 +21,11 @@ include('globals.php'); class image { + /* + Function Name: full + Arguments: (int) id -- ID of image + Purpose: Display full-size image uploaded by user + */ function full($id) { $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; @@ -35,6 +40,11 @@ header('Content-Disposition: attachment; filename=' . $img['name']); echo $img['content']; } + /* + Function Name: thumb + Arguments: (int) id -- ID of image uploaded by user + Purpose: Display 150px thumbnail of image + */ function thumb($id) { $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-07-28 21:16:51 UTC (rev 19) +++ trunk/profile.php 2007-07-29 06:10:45 UTC (rev 20) @@ -1,4 +1,4 @@ -<?php +<?php /******************************************************* * Copyright (C) 2007 http://p3net.net 
@@ -14,177 +14,223 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -include('globals'); -class profile -{ - function register() - { - $step = empty($_GET["step"]) ? '1' : $_GET["step"]; - if($step == 1) - { - $form =& new template('forms/register.tpl'); - } - else if($step == 2) - { - foreach($_POST as $key => $value) - { - $vars[$key] = mysql_real_escape_string($value); - } - $_query = "INSERT INTO users (`id`, `display_name`, `password`, `join`, `time_offset` VALUES('', '" . $vars["display_name"] . "', '" . - md5($vars["password"] . "', '" . time() . "', '" . $vars["offset"] . "')"; - $db->query($_query); - $message->thank('for registering.', 'to proceed to the login page.', 'profile.php?mode=login'); - } - } - function edit() - { - /* I'm too lazy to code this so we'll do it later */ - } - function delete() - { - /* Need to work everything else out first */ - } - function pics() - { - if(!($user->logged_in())) - { - $error->general("Not logged in", "Pics upload"); - } - $step = empty($_GET["step"]) ? '1' : $_GET["step"]; - if($step == 1) - { - $form =& new template('forms/upload_pic.tpl'); - } - else - { - if($_FILES['pic']['size'] < 1) - { - $error->general("No image uploaded", "File size = 0"); - } + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id$ +*********************************************************/ +include('globals.php'); +class profile +{ + /* + Function Name: register + Arguments: none + Purpose: Register user + */ + function register() + { + $step = empty($_GET["step"]) ? 
'1' : $_GET["step"]; + if($step == 1) + { + $form =& new template('forms/register.tpl'); + } + else if($step == 2) + { + foreach($_POST as $key => $value) + { + $vars[$key] = mysql_real_escape_string($value); + } + $_query = "INSERT INTO users (`id`, `display_name`, `password`, `join`, `time_offset` VALUES('', '" . $vars["display_name"] . "', '" . + md5($vars["password"] . "', '" . time() . "', '" . $vars["offset"] . "')"; + $db->query($_query); + $message->thank('for registering.', 'to proceed to the login page.', 'profile.php?mode=login'); + } + } + /* + Function Name: edit + Arguments: none + Purpose: Edit user profile information (IE, contents of user table) + */ + function edit() + { + /* I'm too lazy to code this so we'll do it later */ + } + /* + Function Name: delete + Arguments: None + Purpose: delete user + */ + function delete() + { + /* Need to work everything else out first */ + } + /* + Function Name: pics + Arguments: none + Purpose: Step 1 -- Display image upload form + Step 2 -- Upload profile image + */ + function pics() + { + if(!($user->logged_in())) + { + $error->general("Not logged in", "Pics upload"); + } + $step = empty($_GET["step"]) ? '1' : $_GET["step"]; + if($step == 1) + { + $form =& new template('forms/upload_pic.tpl'); + } + else + { + if($_FILES['pic']['size'] < 1) + { + $error->general("No image uploaded", "File size = 0"); + } $file_name = $_FILES['pic']['name']; $tmp_name = $_FILES['pic']['tmp_name']; $file_size = $_FILES['pic']['size']; - $file_type = $_FILES['pic']['type']; - - list($width, $height) = getimagesize($tmp_name) or $general->error("Could not upload", "Not an image"); - + $file_type = $_FILES['pic']['type']; + + list($width, $height) = getimagesize($tmp_name) or $general->error("Could not upload", "Not an image"); + $fp = fopen($tmp_name, 'r'); $content = fread($fp, filesize($tmp_name)); $content = addslashes($content); - fclose($fp); - - $_query="INSERT INTO `images` VALUES('', '" . $user->data["user_id"] . "', '" . 
$content . "', '" . $file_type . "', ''" - . mysql_real_escape_string(htmlspecialchars($_POST["desc"])) "', '" . $width . "', '" . $height . ",'" . $file_name . "', '0');"; - $db->query($_query); - - $user->action(4, ''); - $message->thank('for uploading an image', 'go back to the previous page', 'javascript:history.go(\'-2\')'); - } - } - function login() - { - $step = empty($_GET["step"]) ? '1' : $_GET["step"]; - if($step == 1) - { - $form =& new template('forms/login.tpl'); - } - else - { - foreach($_POST as $key => $value) - { - $var[$key] = mysql_real_escape_string(htmlspecialchars($value)); - } - $_query = "SELECT `id` FROM `users` WHERE `email` = '" . $var['email'] . "' AND `password` = '" . md5($var['password']) . "'"; - $_query = $db->query($_query); - $num = mysql_num_rows($_query); - if($num > 0) - { - $id = $db->fetch_array($_query); - $session->login($id['id']); - $message->thank('logging in', 'to return to the index', 'index.php'); - } - else - { - $error->general('Incorrect Details', print_r($var)); - } - } - } - function inbox() - { - $_query="SELECT `id`, `from`, `date`, `subject`, `read` FROM `private_messages` ORDER BY `id` DESC"; - $_query=$db->query($_query); - $i=0; - while($temp=$db->fetch_array($_query)) - { - $pm[$i] = array( - 'id' => $temp['id'], - 'from' => $session->get_username($temp['from']), - 'date' => $session->generate_timestamp($temp['date']), - 'subject' => $temp['subject'], - 'read' => $temp['read'] - ); - $i++; - } - $template =& new template('inbox.tpl'); - $template->set('pm', $pm); - } - function message(mysql_real_escape_string($id)) - { - $_query="SELECT * FROM `private_messages` WHERE `id`='" . $id . 
"'"; - $_query=$db->query($_query); - $arr=$db->fetch_array($_query); - $read =& new template('read.tpl'); - $read->set('from', $session->get_username($arr["from"])); - $read->set('date', $session->generate_timestamp($arr["date"])); - $read->set('subject', $arr["subject"]); - $read->set('message', $arr["message"]); - if($arr["read"] != '1') - { - $_query="UPDATE `private_messages` SET `read`='1' WHERE `id`='" . $id . "'"; - $db->query($_query); - } - } - function send() - { - $template =& new template('send.tpl'); - } - function send_process() - { - } -} -$profile =& new profile; -switch $_GET["mode"] -{ - case 'register': - $profile->register(); - break; - case 'edit': - $profile->edit(); - break; - case 'delete': - $profile->delete(); - break; - case 'pics': - $profile->pics(); - break; - case 'login': - $profile->login(); - break; - case 'inbox': - $profile->inbox(); - break; - case 'message': - $profile->message($_GET["id"]); - break; - case 'send': - $profile->send(); - break; - case 'send_process': - $profile->send_process(); - break; -} + fclose($fp); + + $_query="INSERT INTO `images` VALUES('', '" . $user->data["user_id"] . "', '" . $content . "', '" . $file_type . "', ''" + . mysql_real_escape_string(htmlspecialchars($_POST["desc"])) "', '" . $width . "', '" . $height . ",'" . $file_name . "', '0');"; + $db->query($_query); + + $user->action(4, ''); + $message->thank('for uploading an image', 'go back to the previous page', 'javascript:history.go(\'-2\')'); + } + } + /* + Function Name: login + Arguments: None + Purpose: log user in + */ + function login() + { + $step = empty($_GET["step"]) ? '1' : $_GET["step"]; + if($step == 1) + { + $form =& new template('forms/login.tpl'); + } + else + { + foreach($_POST as $key => $value) + { + $var[$key] = mysql_real_escape_string(htmlspecialchars($value)); + } + $_query = "SELECT `id` FROM `users` WHERE `email` = '" . $var['email'] . "' AND `password` = '" . md5($var['password']) . 
"'"; + $_query = $db->query($_query); + $num = mysql_num_rows($_query); + if($num > 0) + { + $id = $db->fetch_array($_query); + $session->login($id['id']); + $message->thank('logging in', 'to return to the index', 'index.php'); + } + else + { + $error->general('Incorrect Details', print_r($var)); + } + } + } + /* + Function Name: inbox + Arguments: none + Purpose: Diplsay user's PM inbox + */ + function inbox() + { + $_query="SELECT `id`, `from`, `date`, `subject`, `read` FROM `private_messages` ORDER BY `id` DESC"; + $_query=$db->query($_query); + $i=0; + while($temp=$db->fetch_array($_query)) + { + $pm[$i] = array( + 'id' => $temp['id'], + 'from' => $session->get_username($temp['from']), + 'date' => $session->generate_timestamp($temp['date']), + 'subject' => $temp['subject'], + 'read' => $temp['read'] + ); + $i++; + } + $template =& new template('inbox.tpl'); + $template->set('pm', $pm); + } + /* + Function Name: message + Arguments: (int) id -- Private message ID + Purpose: Display a private message + */ + function message(mysql_real_escape_string($id)) + { + $_query="SELECT * FROM `private_messages` WHERE `id`='" . $id . "'"; + $_query=$db->query($_query); + $arr=$db->fetch_array($_query); + $read =& new template('read.tpl'); + $read->set('from', $session->get_username($arr["from"])); + $read->set('date', $session->generate_timestamp($arr["date"])); + $read->set('subject', $arr["subject"]); + $read->set('message', $arr["message"]); + if($arr["read"] != '1') + { + $_query="UPDATE `private_messages` SET `read`='1' WHERE `id`='" . $id . 
"'"; + $db->query($_query); + } + } + /* + Function Name: send + Arguments: none + Purpose: Display a form to send a private message + */ + function send() + { + $template =& new template('send.tpl'); + } + /* + Function Name: send_process + Arguments: none + Purpose: Send a private message + */ + function send_process() + { + } +} +$profile =& new profile; +switch $_GET["mode"] +{ + case 'register': + $profile->register(); + break; + case 'edit': + $profile->edit(); + break; + case 'delete': + $profile->delete(); + break; + case 'pics': + $profile->pics(); + break; + case 'login': + $profile->login(); + break; + case 'inbox': + $profile->inbox(); + break; + case 'message': + $profile->message($_GET["id"]); + break; + case 'send': + $profile->send(); + break; + case 'send_process': + $profile->send_process(); + break; +} ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
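Review bot: In `pics()`, `$file_name` and `$file_type` are taken from `$_FILES['pic']` and concatenated into the INSERT on the images table without escaping, and `$content` only goes through `addslashes()`; the description is the one value passed through `mysql_real_escape_string()`. File name and type are supplied by the client, so they need the same treatment, e.g. `$file_name = mysql_real_escape_string($_FILES['pic']['name']);`, and likewise for `$file_type` and `$content`. The comments added for `inbox()` and `message()` describe the user's own messages, but the `private_messages` queries carry no recipient condition and `message()` accepts any `id`; either the query or the comment has to change so that the two agree. In `login()`, `print_r($var)` is called without its return flag, which echoes the submitted fields, password included, into the response.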
From: <cal...@us...> - 2007-07-30 17:26:19
Revision: 39 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=39&view=rev Author: caleb870 Date: 2007-07-30 10:26:15 -0700 (Mon, 30 Jul 2007) Log Message: ----------- Major revision: Changed all calls to the database through ADOdb. Also fixed over 40 typos, syntax errors, and bugs in the process, and changed calls to the template system (still needs work). Modified Paths: -------------- trunk/config.php trunk/functions/session.php trunk/gallery.php trunk/globals.php trunk/images.php trunk/index.php trunk/profile.php Modified: trunk/config.php =================================================================== --- trunk/config.php 2007-07-30 04:57:52 UTC (rev 38) +++ trunk/config.php 2007-07-30 17:26:15 UTC (rev 39) @@ -23,14 +23,16 @@ define('AS_TBL_USER', AS_DB_PREFIX.'user'); define('AS_TBL_BLOG', AS_DB_PREFIX.'blog'); define('AS_TBL_BLOG_CMT', AS_DB_PREFIX.'blog_comments'); -define('AS_TBL_FRIEND', AS_DB_PREFIX.'friend'); +define('AS_TBL_FRIEND', AS_DB_PREFIX.'friends'); define('AS_TBL_IMG', AS_DB_PREFIX.'images'); define('AS_TBL_IMG_CMT', AS_DB_PREFIX.'image_comments'); define('AS_TBL_ACTION', AS_DB_PREFIX.'actions'); define('AS_TBL_CMT', AS_DB_PREFIX.'comments'); define('AS_TBL_SESSION', AS_DB_PREFIX.'sessions'); -define('AS_TBL_PM', AS_DB_PREFIX.'pm'); +define('AS_TBL_PM', AS_DB_PREFIX.'private_messages'); define('AS_DIR_TPL', 'template/'); -define('AS_TPL', AS_LOC_URL.AS_DIR_TPL); +define('AS_TPL', AS_LOC_URL.AS_DIR_TPL.'default/'); + + ?> \ No newline at end of file Modified: trunk/functions/session.php =================================================================== --- trunk/functions/session.php 2007-07-30 04:57:52 UTC (rev 38) +++ trunk/functions/session.php 2007-07-30 17:26:15 UTC (rev 39) 
@@ -36,9 +36,13 @@ /* We don't have a session and aren't logged in. Let's create it */ $id = md5(time() . rand(1,1000)); /* Check to make sure it's unique */ - $_query="INSERT INTO `sessions` VALUES('" . $id . "', '-1', '" . $REMOTE_ADDR . "', '" . time() . "')"; - $db->query($_query); - $_COOKIE["session_id"] = $id; + $_query = 'INSERT INTO '.AS_TBL_SESSION.' (id, user_id, ip, last_update) VALUES(' . $id . ','.$db->qstr('-1').',' . $db->qstr($_SERVER['REMOTE_ADDR']) . ',' . time() . ')'; + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', 'session.php - create(): '.$db->ErrorMsg()); + return false; + } + $_COOKIE['session_id'] = $id; } /* Function Name: check 
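Review bot: The session identifier in `create()` is still `md5(time() . rand(1,1000))`, which leaves at most 1000 candidates for any given second and is therefore guessable; it should come from a cryptographically secure source (`bin2hex(random_bytes(16))` on PHP 7 or later; the syntax here suggests an older runtime, so confirm what is available). The rewritten INSERT concatenates `$id` bare while the neighbouring values go through `$db->qstr()`; a hex string needs quoting, `$db->qstr($id)`. Assigning `$_COOKIE['session_id']` changes only the current request's array and sends nothing to the browser; `setcookie()` is what issues the cookie. `create()` starts outside the hunk.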
@@ -49,35 +53,48 @@ { /* We need to check if a session exists by looking for the session cookie. If that's not there, then we return false (since the user isn't logged in). We also match the IP */ - $ip = $REMOTE_ADDR; - $_query = "SELECT * FROM `sessions` WHERE `ip` = '" . $ip . "'"; - $res = $db->query($_query); - if(mysql_num_rows($res) == 0) + $ip = $_SERVER['REMOTE_ADDR']; + $_query = 'SELECT * FROM '.AS_TBL_SESSION.' WHERE ip = ' . $db->qstr($ip); + $res = $db->Execute($_query); + $count = $res->RecordCount(); + if($count == 0) { - $session->create(); + $session->create(); } else { - /* Get an array of our session info */ - $res = $db->fetch_array($res); - if($res['id'] != $_COOKIE["session_id"]) - { - $session->create(); - } - else - { - foreach($res as $key => $value) - { - $user->data[$key] = $value; - } - /* Update our updated time */ - $_query="UPDATE `sessions` SET `last_update` = '" . time() . "' WHERE `id` = '" . $user->data['id'] . "' LIMIT 1"; - $db->query($_query); - } - } + /* Get an array of our session info */ + $res = $res->GetArray(); + if($res[0]['id'] != $_COOKIE['session_id']) + { + $session->create(); + } + else + { + $array = $res->GetArray(); + foreach($array[0] as $key => $value) + { + if (!is_numeric($key)) + { + $user->data[$key] = $value; + } + } + /* Update our updated time */ + $_query = 'UPDATE '.AS_TBL_SESSION.' SET last_update = ' . time() . ' WHERE id = ' . $user->data['id'] . ' LIMIT 1'; + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', 'session.php - check(): '.$db->ErrorMsg()); + return false; + } + } + } /* We also need to get rid of users who haven't done anything in the last half-hour */ - $_query = "DELETE * FROM `sessions` WHERE `last_update` < " . (time() - (60*30)); - $db->query($_query); + $_query = 'DELETE FROM '.AS_TBL_SESSION.' WHERE last_update < ' . 
(time() - (60*30)); + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', 'session.php - check(): '.$db->ErrorMsg()); + return false; + } } /* Function Name: logged_in @@ -102,18 +119,27 @@ */ function login($user_id) { + if (!is_numeric($user_id) and $user_id != null) + { + $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$user_id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } $session->check(); if($session->logged_in()) { - /* Wait - what? */ - $error->general("Already logged in", "Session already populated"); + /* Wait - what? */ + $error->general("Already logged in", "Session already populated"); } else { - $_query = "UPDATE `sessions` SET `user_id` = '" . $user_id . "' WHERE `id` = '" . $_COOKIE["session_id"] . " LIMIT 1"; - $db->query($_query); - /* Run the session check again. It'll make the row and populate $user->data */ - $session->check(); + $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = ' . $user_id . ' WHERE id = ' . $db->qstr($_COOKIE["session_id"]) . ' LIMIT 1'; + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', 'session.php - login(): '.$db->ErrorMsg()); + return false; + } + /* Run the session check again. It'll make the row and populate $user->data */ + $session->check(); } } /* @@ -125,13 +151,13 @@ { if($session->logged_in()) { - $_query = "UPDATE `sessions` SET `user_id` = '-1' WHERE `id` = '" . $user->data['id'] . "' AND `ip` = '" . $user->data['ip'] . "' LIMIT 1"; - $db->query($_query); - $user->data = null; + $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = '.$db->qstr('-1').' WHERE id = ' . $user->data['id'] . ' AND ip = ' . $db->qstr($user->data['ip']) . ' LIMIT 1'; + $db->query($_query); + $user->data = null; } else { - $error->general('Not logged in', 'User ID = -1'); + $error->general('Not logged in', 'User ID = -1'); } } /* 
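Review bot: `check()` looks the session up by client address alone (`WHERE ip = ...`) and then compares only the first returned row with the cookie, so visitors sharing an address keep replacing each other's session; key the lookup on the cookie value instead, `... WHERE id = ' . $db->qstr($_COOKIE['session_id']) . ' AND ip = ' . $db->qstr($ip)`, after checking that the cookie is set. In the new code `$res` is overwritten with the result of `$res->GetArray()`, and `$res->GetArray()` is then called a second time on that array. The UPDATE compares `id` with `$user->data['id']` unquoted, although `create()` fills that column with an md5 string. The function starts outside the hunk.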
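Review bot: The guard added to `login()`, `!is_numeric($user_id) and $user_id != null`, lets through `null`, the empty string and numeric forms that are not plain integers (decimals, exponents), and the value is then concatenated unquoted into `SET user_id = ...`. Reject anything that fails `ctype_digit((string) $user_id)` and then use `$user_id = (int) $user_id;` in the statement. The same guard-then-concatenate pattern is added in the `is_friend`, `action`, `add_friend` and `accept_friend` hunks of this commit. The rejected value is also written verbatim into the error message that goes to the log; strip control characters from it first.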
@@ -141,31 +167,36 @@ */ function is_friend($id) { + if (!is_numeric($id)) + { + $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } if(!$user->logged_in()) { - return false; + return false; } else { - $_query = "SELECT * FROM `friends` WHERE `party_1` = '" . $user->data['user_id'] . "' AND AND `party_2`='" . $id . "' AND `accepted`='1'"; - $_query = $db->query($_query); - if(mysql_num_rows($_query) > 0) + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_1 = ' . $user->data['user_id'] . ' AND party_2 = ' . $id . ' AND accepted = 1'; + $_query = $db->Execute($_query); + if($_query->fields[0] > 0) + { + return true; + } + else + { + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_2 = ' . $user->data['user_id'] . ' AND party_1 = ' . $id . ' AND accepted = 1'; + $_query = $db->Execute($_query); + if($_query->fields[0] > 0) { - return true; + return true; } else { - $_query = "SELECT * FROM `friends` WHERE `party_2` = '" . $user->data['user_id'] . "' AND `party_1`='" . $id . "' AND `accepted`='1'"; - $_query = $db->query($_query); - if(mysql_num_rows($_query) > 0) - { - return true; - } - else - { - return false; - } + return false; } + } } } /* 
@@ -173,8 +204,18 @@ Arguments: (int) action -- Add action to action table; (int) who -- ID of friend action is made towards. If unspecified, applies to all Purpose: */ - function action($action, $who="") + function action($action, $who = null) { + if (!is_numeric($action) and $action != null) + { + $error->general('Invalid actionID', "Invalid actionID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + if (!is_numeric($who) and $who != null) + { + $error->general('Invalid whoID', "Invalid whoID = Possible hack! Input value: \"".$who."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } /*List of actions: 1. Updated Space 2. Left you a comment @@ -185,7 +226,7 @@ 7. Left you a comment on a blog post 8. Joined a group 9. Created a group */ - $_query="INSERT INTO `actions` VALUES('" . time() . "', '" . $user->data['user_id'] . "', '" . $action . "', '" . $who . "')"; + $_query = 'INSERT INTO '.AS_TBL_ACTION.' (time, who, action, for) VALUES(' . time() . ',' . $user->data['user_id'] . ', ' . $action . ', ' . $who . ')'; $db->query($_query); return true; } 
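Review bot: With the new default `$who = null` the INSERT in `action()` ends in `', ' . $who . ')'`, which renders as `, )` when no target is given (profile.php calls `$user->action(4, '')`), and `for` in the new column list is a reserved word in MySQL, so it has to be quoted or renamed. Build the value explicitly, e.g. `$target = ($who === null || $who === '') ? 'NULL' : (int) $who;`, and concatenate `$target`. The statement is still sent with `$db->query()` and its result is not checked, unlike the `Execute() === false` tests added elsewhere in this commit.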
@@ -196,39 +237,48 @@ */ function add_friend($id) { + if (!is_numeric($id) and $id != null) + { + $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + if(!$user->logged_in()) { - $error->general("Not logged in", "Add as friend"); + $error->general("Not logged in", "Add as friend"); } else { - if($user->is_friend($id)) + if($user->is_friend($id)) + { + $error->general("Already friend", "Add as friend"); + } + else + { + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE (party_1 = ' . $user->data['user_id'] . ' AND party_2 = ' . $id; + $_query = $db->query($_query); + if ($_query->fields[0] > 0) { - $error->general("Already friend", "Add as friend"); - } + $error->general("Already added as friend, awaiting acception", "Add as friend"); + } else { - $_query = "SELECT * FROM `friends` WHERE `party_1`='" . $user->data['user_id'] . " AND `party_2`='" . $id . "'"; - $_query=$db->query($_query); - if(mysql_num_rows($_query) > 0) - { - $error->general("Already added as friend, awaiting acception", "Add as friend"); - } - else - { - $_query = "SELECT * FROM `friends` WHERE `party_2`='" . $user->data['user_id'] . " AND `party_1`='" . $id . "'"; - $_query=$db->query($_query); - if(mysql_num_rows($_query) > 0) - { - $error->general("User has already added you as a friend. Accept them in your friend control panel.", "Add as friend"); - } - else - { - $_query="INSERT INTO `friends` VALUES('" . $user->data['user_id'] . "', '" . $id . "', '0'"; - $db->query($_query); - $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)"); - } - } + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_2 = ' . $user->data['user_id'] . ' AND party_1 = ' . 
$id; + $_query = $db->Execute($_query); + if ($_query->fields[0] > 0) + { + $error->general("User has already added you as a friend. Accept them in your friend control panel.", "Add as friend"); + } + else + { + $_query='INSERT INTO '.AS_TBL_FRIEND.' VALUES(' . $user->data['user_id'] . ',' . $id . ',0)'; + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', 'session.php - add_friend(): '.$db->ErrorMsg()); + return false; + } + $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)"); + } } } } @@ -239,7 +289,12 @@ */ function accept_friend($id) { - $_query="UPDATE `friends` SET `accepted`='1' WHERE `party_2`='" . $data->user['user_id'] . "' AND `party_1='" . $id . "' LIMIT 1"; + if (!is_numeric($id) and $id != null) + { + $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + $_query= 'UPDATE '.AS_TBL_FRIEND.' SET accepted = 1 WHERE party_2 = '.$data->user['user_id'].' AND party_1 = '.$id.' LIMIT 1'; $db->query($_query); $user->action(5, $id); } 
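Review bot: The first pending-request query in add_friend() opens a parenthesis that is never closed (`WHERE (party_1 = ... AND party_2 = ' . $id`), so it cannot run, and `$_query->fields[0]` is then read from whatever `$db->query()` returned without testing for failure. Dropping the parenthesis and checking the result, as the final INSERT in this hunk already does with `=== false`, fixes both. The new guard at the top logs `$action`, which does not exist in this method; it should log `$id` (the copies in accept_friend() and can_view() have the same slip). Neither the "Not logged in" nor the "Already friend" branch returns a value, so callers cannot tell those outcomes from success.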
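Review bot: The rewritten UPDATE in accept_friend() still reads the current user from `$data->user['user_id']`, while every other method in this file uses `$user->data['user_id']`; with `$data` undefined and the quotes gone, the clause becomes `party_2 =  AND party_1 = ...`. The line should end `... WHERE party_2 = '.(int) $user->data['user_id'].' AND party_1 = '.(int) $id.' LIMIT 1'`. The method has no `$user->logged_in()` check before the UPDATE, and `$user->action(5, $id)` is recorded whether or not a row changed, so it is worth returning early for anonymous callers and checking the query result before logging the action.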
@@ -250,10 +305,15 @@ */ function can_view($id) { + if (!is_numeric($id) and $id != null) + { + $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } /*We're simply checking whether or not we have the permissions to view this space */ /*First we need to figure out what the space privacy setting is*/ - $_query="SELECT `privacy` FROM `users` WHERE `id`='" . $id . "' LIMIT 1"; - $_query=$db->query($_query); + $_query = 'SELECT privacy FROM '.AS_TBL_USER.' WHERE id = ' . $id . ' LIMIT 1'; + $_query = $db->Execute($_query); $_query=$db->fetch_array($_query); $res=$_query['privacy']; if($res == '0') Modified: trunk/gallery.php =================================================================== --- trunk/gallery.php 2007-07-30 04:57:52 UTC (rev 38) +++ trunk/gallery.php 2007-07-30 17:26:15 UTC (rev 39) @@ -18,6 +18,7 @@ @id: $Id$ *********************************************************/ + class gallery { /* @@ -35,11 +36,11 @@ { if($session->is_friend($id)) { - $_query="SELECT `id` FROM `images` WHERE `owner`='" . $id . "'"; - $_query=$db->query($_query); - $_query=$db->fetch_array($_query); - $gallery =& new template('gallery.tpl'); - $gallery->set('gallery', $_query); + $_query = 'SELECT id FROM '.AS_TBL_IMG.' WHERE owner = '.$db->qstr($id,get_magic_quotes_gpc()); + $_query = $db->Execute($_query); + $_query = $db->GetArray($_query); + $gallery = new template(AS_DIR_TPL.'gallery.tpl'); + $gallery->set_var('gallery', $_query); } } } 
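Review bot: can_view() is the privacy check, and after this change its lookup can fail in ways that are not handled: a null `$id` passes the guard and produces `WHERE id =  LIMIT 1`, and the result of `$db->Execute()` is handed to `$db->fetch_array()`, a method of the old db class that ADOdb's connection object does not appear to provide. A failed or empty lookup should deny access, for example `if ($_query === false || $_query->EOF) { return false; }` before `privacy` is read, and the value is better taken from the recordset with `$_query->Fields('privacy')` as profile.php does. The remainder of the function lies outside the hunk, so the comparisons after the first `if($res == '0')` could not be reviewed.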
@@ -48,46 +49,50 @@ Arguments: (int) img_id -- ID of image to view; (int) owner -- ID of image uploader Purpose: View fullsize image/comments of specific image */ - function drill($img_id, $owner) + function drill( $img_id, $owner ) { - if(empty($img_id)) + if( empty( $img_id ) ) { $error->general('An image must be specified', 'Tried to access drill without specifying image id'); } else { - if($session->is_friend($owner)) + if( $session->is_friend($owner) ) { - $_query = "SELECT * FROM `images` WHERE `id`='" . $img_id . "'"; - $img = $db->query($_query); + $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE id = '.$db->qstr($img_id,get_magic_quotes_gpc()); + $img = $db->Execute( $_query ); - $_query = "SELECT * FROM `images_comments` WHERE `image`='" . $img_id . "'"; - $img_com = $db->query($_query); + $_query = 'SELECT * FROM '.AS_TBL_IMG_CMT.' WHERE image = '.$db->qstr($img_id,get_magic_quotes_gpc()); + $img_com = $db->Execute( $_query ); - foreach($db->fetch_array($img_com) as $key => $value) + $count = $img_com->RecordCount(); + for ($i = 0; $i < $count; $i++) /* What? */ { foreach($value as $key_name => $key_value) { - if($key_value == 'author') + if ($key_value == 'author') { $key_value = $session->get_username($key_value); } $com[$key_name] = $key_value; } + $img_con->MoveNext(); } - $img=$db->fetch_array($img); - if(isset($user->data['user_id'] && $user->data['user_id'] != $img['owner']) + $img_com->Close(); + $img = $img->GetArray(); + + if ( isset($user->data['user_id']) and $user->data['user_id'] != $img['owner'] ) { $img['views']++; - $_query="UPDATE `images` SET `views`='" . $views . "' WHERE `id`='" . $img_id . "'"; + $_query = 'UPDATE '.AS_TBL_IMG." SET views = '" . $views . "' WHERE id = '" . $img_id . 
"'"; $db->query($_query); } - $drill =& new template('drill.tpl'); - $drill->set('id', $img_id); - $drill->set('comments', $com); - $drill->set('views', $img['views']); - $drill->set('desc', $img['desc']); - $drill->set('name', $img['name']); + $drill = new template(AS_TPL.'drill.tpl'); + $drill->set_var('id', $img_id); + $drill->set_var('comments', $com); + $drill->set_var('views', $img['views']); + $drill->set_var('desc', $img['desc']); + $drill->set_var('name', $img['name']); } } } @@ -100,7 +105,7 @@ { if($session->is_friend($owner)) { - $form =& new template('forms/gallery_comment.tpl'); + $form = new template(AS_TPL.'forms/gallery_comment.tpl'); } } /* @@ -110,14 +115,16 @@ */ function comment_process() { - $img_id=$_POST["id"]; + $img_id = $_POST['id']; $session->add_image_comment($img_id); } } -$gallery =& new gallery; + +include('globals.php'); +$gallery =& new gallery(); $mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"]; $id = empty($_GET["id"]) ? ($session->logged_in() ? $user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]); -switch $mode +switch ($mode) { case 'view': $gallery->view($id); Modified: trunk/globals.php =================================================================== --- trunk/globals.php 2007-07-30 04:57:52 UTC (rev 38) +++ trunk/globals.php 2007-07-30 17:26:15 UTC (rev 39) @@ -19,10 +19,12 @@ @id: $Id$ *********************************************************/ /* Include our larger functions */ -require_once('./functions/template.php'); -$template =& new template; -require_once('./functions/session.php'); +require(AS_LOC_DIRECT.'config.php'); +require(AS_LOC_DIRECT.'functions/template.php'); +$template =& new template(); +require(AS_LOC_DIRECT.'functions/session.php'); $user =& new session(); +require(AS_LOC_DIRECT.'functions/adodb/adodb.inc.php'); /*The smaller ones*/ class error 
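Review bot: In drill() the two SELECTs now quote `$img_id` through `$db->qstr()`, but the view-counter UPDATE at the end of the hunk still concatenates it raw inside hand-written quotes and still goes through `$db->query()`. It also writes `$views`, which is never assigned in the visible code. Letting the database do the increment avoids both problems and a lost update under concurrent views: `$_query = 'UPDATE '.AS_TBL_IMG.' SET views = views + 1 WHERE id = '.$db->qstr($img_id, get_magic_quotes_gpc());`. Separately, the new `for` loop iterates over `$value`, which no longer exists once the `foreach` was removed, and advances `$img_con` rather than `$img_com`, so the comment list is never built.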
@@ -34,7 +36,7 @@ */ function general($err, $verbose) { - $error =& new template('messages/error.tpl'); + $error =& new template(AS_TPL.'messages/error.tpl'); $error->set('err', $err); $handle = fopen('logs/errors.txt', 'w'); if($handle) @@ -59,19 +61,19 @@ */ function thank($message, $go1, $res1, $go2="", $res2="") { - $message =& new template('message/thank.tpl'); - $message->set('go1', $go1); - $message->set('go2', $go2); - $message->set('res1', $res1); - $message->set('res2', $res2); - $message->set('message', $message); + $message =& new template(AS_TPL.'message/thank.tpl'); + $message->set_var('go1', $go1); + $message->set_var('go2', $go2); + $message->set_var('res1', $res1); + $message->set_var('res2', $res2); + $message->set_var('message', $message); } } -/* To satisfy ZDE */ -require_once('./functions/db.php'); -$db =& new db; /* Our functions living in globals.php */ $error =& new error; $message =& new message(); + +$db =& new ADOConnection(AS_DB_TYPE); +$db->Connect(AS_DB_HOST, AS_DB_USER, AS_DB_PASS, AS_DB_SCHEMA); ?> \ No newline at end of file Modified: trunk/images.php =================================================================== --- trunk/images.php 2007-07-30 04:57:52 UTC (rev 38) +++ trunk/images.php 2007-07-30 17:26:15 UTC (rev 39) @@ -33,12 +33,13 @@ { $error->general("Invalid ID specified", "Not an (int)"); } - $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'"; - $img=$db->fetch_array($db->query($_query)); + $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE id = '.$db->qstr($id,get_magic_quotes_gpc()); + $img = $db->Execute($_query); + $img = $img->GetArray(); - header('Content-type: ' . $img['mine_type']); - header('Content-Disposition: attachment; filename=' . $img['name']); - echo $img['content']; + header('Content-Type: ' . $img[0]['mime_type']); + header('Content-Disposition: attachment; filename=' . $img[0]['name']); + echo $img[0]['content']; } /* Function Name: thumb 
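Review bot: The connection at the end of globals.php is created with `new ADOConnection(AS_DB_TYPE)`, which instantiates the driver-independent base class; ADOdb's documented factory is `ADONewConnection(AS_DB_TYPE)`, which loads the driver named by the argument. The return value of `$db->Connect(...)` is ignored, so a failed connection only surfaces later as failing queries scattered across pages; testing it once here and stopping the request keeps error handling in one place and keeps connection details out of per-page error output. In thank(), the `$message` parameter is overwritten by the template object before `set_var('message', $message)`, so the template receives itself instead of the text.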
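Review bot: The image download path calls `GetArray()` and reads `$img[0]` without checking that `Execute()` succeeded or returned a row, and the invalid-ID branch just above reports the error without returning, so a missing or rejected ID still reaches the `header()` calls. A guard such as `if ($img === false || $img->EOF) { $error->general('No such image', 'images.php - view()'); return; }` placed before `GetArray()` covers both. `Content-Type` and the `filename=` value come straight from stored columns that the upload code in profile.php appears to fill from the submitted file, so it is safer to check `mime_type` against a short list of image types and to quote the filename. No ownership or can_view() check is visible; the start of the function is outside the hunk, so confirm one exists.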
@@ -48,30 +49,31 @@ function thumb($id) { $id = is_numeric($_GET["id"]) ? $_GET["id"] : null; - if(empty($id)) + if(!empty($id)) { $error->general("Invalid ID specified", "Not an (int)"); } - $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'"; - $img=$db->fetch_array($db->query($_query)); + $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE id = '.$db->qstr($id,get_magic_quotes_gpc()); + $_query = $db->Execute($_query); + $img = $db->GetArray($_query); /* We're going to resize the larger dimension to 150px */ - if($img['width'] > $img['height']) + if($img[0]['width'] > $img[0]['height']) { - $scale_percentage = $img['width'] / 150; + $scale_percentage = $img[0]['width'] / 150; } else { - $scale_percentage = $img['height'] / 150; + $scale_percentage = $img[0]['height'] / 150; } $new_dimensions = array( - 'width' => ($scale_percentage < 1) ? $img['width'] * $scale_percentage : $img['width'], - 'height' => ($scale_percentage < 1) ? $img['height'] * $scale_percentage : $img['height'] + 'width' => ($scale_percentage < 1) ? $img[0]['width'] * $scale_percentage : $img[0]['width'], + 'height' => ($scale_percentage < 1) ? $img[0]['height'] * $scale_percentage : $img[0]['height'] ); - header('Content-type: ' . $img['mine_type']); - header('Content-Disposition: attachment; filename=' . $img['name']); + header('Content-Type: ' . $img[0]['mime_type']); + header('Content-Disposition: attachment; filename=' . $img[0]['name']); - $type = explode("/", $img['mine_type']); + $type = explode("/", $img[0]['mine_type']); $type = $type[1]; switch($type) { @@ -86,7 +88,7 @@ break; } $res = imagecreatetruecolor($new_dimensions['width'], $new_dimensions['height']); - imagecopyresized($res, $new_image, 0, 0, 0, 0, $new_dimensions['width'], $new_dimensions['height'], $img['width'], $img['height']); + imagecopyresized($res, $new_image, 0, 0, 0, 0, $new_dimensions['width'], $new_dimensions['height'], $img[0]['width'], $img[0]['height']); switch($type) { 
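Review bot: The ID check in thumb() was inverted to `if(!empty($id))`, so every valid numeric ID now triggers "Invalid ID specified" and an empty one goes on to the query; it should stay `if(empty($id))` and return after reporting. The MIME type is read as `$img[0]['mime_type']` for the header but still as `$img[0]['mine_type']` in the `explode()` that selects the GD loader, so `$type` will be empty. `$db->GetArray()` is given the recordset returned by `Execute()`, whereas view() above calls `GetArray()` on the recordset itself; the two should use the same form and both should test for a failed query first.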
@@ -104,7 +106,7 @@ } /* Actually handle the data here */ -$mode=empty($_GET["mode"]) ? '' : $_GET["mode"]; +$mode = empty($_GET["mode"]) ? '' : $_GET["mode"]; switch($mode) { case 'view': Modified: trunk/index.php =================================================================== --- trunk/index.php 2007-07-30 04:57:52 UTC (rev 38) +++ trunk/index.php 2007-07-30 17:26:15 UTC (rev 39) 
@@ -1,34 +1,34 @@ -<?php -/******************************************************* - * Copyright (C) 2007 http://p3net.net - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -include('globals.php'); -/* 5 most recent users should be enough. We can fill the rest with ads or something */ -$_query = "SELECT `id`, `display_name`, `user_image` FROM `users` SORT BY `id` DESC LIMIT 5"; -$res = ($db->query($_query); -while($user = $db->fetch_array($_query)) -{ - $userdetail[$user['display_name']] = array( - 'id' => $user['id'], - `icon` => $user['user_image'] - ); -} -$index =& new template('home.tpl'); -$index->set('userdetail', $userdetail); +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. 
+ + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id$ +*********************************************************/ +include('globals.php'); +/* 5 most recent users should be enough. We can fill the rest with ads or something */ +$_query = 'SELECT id, display_name, user_image FROM '.AS_TBL_USER.' SORT BY id DESC LIMIT 5'; +$_query = $db->Execute($_query); +while($user = $_query->FetchRow()) +{ + $userdetail[$user['display_name']] = array( + 'id' => $user['id'], + 'icon' => $user['user_image'] + ); +} +$index = template(AS_TPL.'home.tpl'); +$index->set_var('userdetail', $userdetail); ?> \ No newline at end of file Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-07-30 04:57:52 UTC (rev 38) +++ trunk/profile.php 2007-07-30 17:26:15 UTC (rev 39) 
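Review bot: The new user-list query in index.php uses `SORT BY`, which is not SQL; it needs `ORDER BY id DESC`, and the result of `$db->Execute()` should be tested before `FetchRow()` is called on it. `$index = template(AS_TPL.'home.tpl');` has lost its `new`. `display_name` comes from the registration form and is handed to the template as an array key, so the template layer needs to HTML-escape it on output; that code is not visible here.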
@@ -31,18 +31,22 @@ $step = empty($_GET["step"]) ? '1' : $_GET["step"]; if($step == 1) { - $form =& new template('forms/register.tpl'); + $form =& new template(AS_TPL.'forms/register.tpl'); } else if($step == 2) { - foreach($_POST as $key => $value) - { - $vars[$key] = mysql_real_escape_string($value); - } - $_query = "INSERT INTO users (`id`, `display_name`, `password`, `join`, `time_offset` VALUES('', '" . $vars["display_name"] . "', '" . - md5($vars["password"] . "', '" . time() . "', '" . $vars["offset"] . "')"; - $db->query($_query); - $message->thank('for registering.', 'to proceed to the login page.', 'profile.php?mode=login'); + $_query = 'INSERT INTO '.AS_TBL_USER.' (display_name, password, join, time_offset '; + $_query .= 'VALUES('.$db->qstr($vars["display_name"],get_magic_quotes_gpc()).','; + $_qeury .= $db->qstr(md5($vars["password"]),get_magic_quotes_gpc()).','; + $_query .= time().','.qstr($vars["offset"],get_magic_quotes_gpc()).')'; + + if ($db->Execute($_query) === false) + { + $error->general("<b>DB Error!</b>", $db->ErrorMsg()); + return false; + } else { + $message->thank('for registering.', 'to proceed to the login page.', 'profile.php?mode=login'); + } } } /* @@ -78,7 +82,7 @@ $step = empty($_GET["step"]) ? '1' : $_GET["step"]; if($step == 1) { - $form =& new template('forms/upload_pic.tpl'); + $form =& new template(AS_TPL.'forms/upload_pic.tpl'); } else { 
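Review bot: Step 2 of register() now reads `$vars[...]`, but the loop that filled `$vars` from `$_POST` was removed, so every value is empty: each account would be stored with an empty display name and the MD5 of an empty password. Reading the fields directly, e.g. `$db->qstr($_POST['display_name'], get_magic_quotes_gpc())`, and rejecting empty values before building the INSERT avoids that. The second `.=` assigns to `$_qeury`, the last value is quoted with a bare `qstr()` instead of `$db->qstr()`, and the column list is missing its closing parenthesis. Passwords are stored as unsalted MD5; a salted, slow hash (`crypt()` with a per-user salt, or `password_hash()` where the PHP version provides it) should replace it before real accounts exist.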
@@ -98,9 +102,14 @@ $content = addslashes($content); fclose($fp); - $_query="INSERT INTO `images` VALUES('', '" . $user->data["user_id"] . "', '" . $content . "', '" . $file_type . "', ''" - . mysql_real_escape_string(htmlspecialchars($_POST["desc"])) "', '" . $width . "', '" . $height . ",'" . $file_name . "', '0');"; - $db->query($_query); + $_query = 'INSERT INTO '.AS_TBL_IMG.' (owner, content, mime_type, desc, width, height, name, views)' + .'VALUES('. $user->data["user_id"] . ',' . $db->qstr($content) . ',' . $db->qstr($file_type) . "', ''" + .$db->qstr(htmlspecialchars($_POST["desc"]),get_magic_quotes_gpc()).','.$width.','.$height.','.$db->qstr($file_name,get_magic_quotes_gpc()).", '0')"; + if ($db->Execute($_query) === false) + { + $error->general("<b>DB Error!</b>", $db->ErrorMsg()); + return false; + } $user->action(4, ''); $message->thank('for uploading an image', 'go back to the previous page', 'javascript:history.go(\'-2\')'); @@ -116,21 +125,21 @@ $step = empty($_GET["step"]) ? '1' : $_GET["step"]; if($step == 1) { - $form =& new template('forms/login.tpl'); + $form =& new template(AS_TPL.'forms/login.tpl'); } else { foreach($_POST as $key => $value) { - $var[$key] = mysql_real_escape_string(htmlspecialchars($value)); + $var[$key] = $db->qstr(htmlspecialchars($value),get_magic_quotes_gpc()); } - $_query = "SELECT `id` FROM `users` WHERE `email` = '" . $var['email'] . "' AND `password` = '" . md5($var['password']) . "'"; - $_query = $db->query($_query); - $num = mysql_num_rows($_query); + $_query = 'SELECT id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password'])); + $_query = $db->Execute($_query); + $num = $_query->RecordCount(); if($num > 0) { - $id = $db->fetch_array($_query); - $session->login($id['id']); + $id = $_query->GetArray(); + $session->login($id[0]['id']); $message->thank('logging in', 'to return to the index', 'index.php'); } else 
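Review bot: The image INSERT escapes the file body twice: `$content` has already been through `addslashes()` a few lines up and is then passed to `$db->qstr()`, which will store the added backslashes as data and corrupt the image. Drop the `addslashes()` call and let `qstr()` or a bind parameter do the quoting. The VALUES string also carries a leftover `"', ''"` after `$db->qstr($file_type)`, so the statement has an unbalanced quote and more values than the eight listed columns. `htmlspecialchars()` is applied to `desc` before storage; escaping belongs at output, where the context is known, and `desc` itself is a reserved word that needs quoting now that the backticks are gone.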
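Review bot: In login() every POST value is run through `htmlspecialchars()` and `$db->qstr()` in the loop and the password is hashed afterwards, so `md5($var['password'])` is computed over the already quoted and escaped string and cannot equal the hash written at registration. Hash the raw value first and quote the digest, `$db->qstr(md5($_POST['password']))`; the bare `qstr()` call in the query is also missing its `$db->`. Only `email` and `password` are needed, so quoting those two fields explicitly is clearer than transforming all of `$_POST`. Whether `$session->login()` regenerates the session ID is not visible here and is worth confirming in session.php.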
@@ -146,42 +155,51 @@ */ function inbox() { - $_query="SELECT `id`, `from`, `date`, `subject`, `read` FROM `private_messages` ORDER BY `id` DESC"; - $_query=$db->query($_query); - $i=0; - while($temp=$db->fetch_array($_query)) - { - $pm[$i] = array( - 'id' => $temp['id'], - 'from' => $session->get_username($temp['from']), - 'date' => $session->generate_timestamp($temp['date']), - 'subject' => $temp['subject'], - 'read' => $temp['read'] - ); - $i++; - } - $template =& new template('inbox.tpl'); - $template->set('pm', $pm); + $_query = 'SELECT id, from, date, subject, read FROM '.AS_TBL_PM.' ORDER BY id DESC'; + $_query = $db->Execute($_query); + $count = $_query->RecordCount(); + for ($i = 0; $i < $count; $i++) + { + $pm[$i] = array( + 'id' => $_query->Fields('id'), + 'from' => $session->get_username($_query->Fields('from')), + 'date' => $session->generate_timestamp($_query->Fields('date')), + 'subject' => $_query->Fields('subject'), + 'read' => $_query->Fields('read') + ); + $_query->MoveNext(); + } + $template =& new template(AS_TPL.'inbox.tpl'); + $template->set_var('pm', $pm); } /* Function Name: message Arguments: (int) id -- Private message ID Purpose: Display a private message */ - function message(mysql_real_escape_string($id)) + function message($id) { - $_query="SELECT * FROM `private_messages` WHERE `id`='" . $id . "'"; - $_query=$db->query($_query); - $arr=$db->fetch_array($_query); - $read =& new template('read.tpl'); - $read->set('from', $session->get_username($arr["from"])); - $read->set('date', $session->generate_timestamp($arr["date"])); - $read->set('subject', $arr["subject"]); - $read->set('message', $arr["message"]); - if($arr["read"] != '1') + if (!is_numeric($id)) + { + $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + $_query = 'SELECT * FROM '.AS_TBL_PM.' WHERE id = ' . 
$id; + $_query = $db->Execute($_query); + $array = $db->GetArray($_query); + $read =& new template(AS_TPL.'read.tpl'); + $read->set_var('from', $session->get_username($array[0]["from"])); + $read->set_var('date', $session->generate_timestamp($array[0]["date"])); + $read->set_var('subject', $array[0]["subject"]); + $read->set_var('message', $array[0]["message"]); + if($array[0]['read'] != '1') { - $_query="UPDATE `private_messages` SET `read`='1' WHERE `id`='" . $id . "'"; - $db->query($_query); + $_query = 'UPDATE '.AS_TBL_PM.' SET read = 1 WHERE id = ' . $id; + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', $db->ErrorMsg()); + return false; + } } } /* @@ -191,7 +209,7 @@ */ function send() { - $template =& new template('send.tpl'); + $template =& new template(AS_TPL.'send.tpl'); } /* Function Name: send_process @@ -203,7 +221,7 @@ } } $profile =& new profile; -switch $_GET["mode"] +switch ($_GET["mode"]) { case 'register': $profile->register(); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
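Review bot: Neither query in this hunk is tied to the logged-in user: inbox() selects from AS_TBL_PM with no WHERE clause, and message() loads, and marks as read, whichever row matches the supplied `$id`. Both need a recipient condition taken from the session, along the lines of `' AND RECIPIENT_COLUMN = '.(int) $user->data['user_id']` (RECIPIENT_COLUMN is a placeholder for the schema's column name), plus a `$user->logged_in()` check before any query runs. With the backticks removed, `from` and `read` are reserved words in MySQL and have to be quoted or renamed. In message(), `$db->GetArray()` receives the recordset from `Execute()` rather than SQL, and `$array[0]` is used without checking that a row came back.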
From: <p3...@us...> - 2007-07-30 20:02:40
|
Revision: 43 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=43&view=rev Author: p3net Date: 2007-07-30 13:02:42 -0700 (Mon, 30 Jul 2007) Log Message: ----------- First stab at the blog. Also fix a little error on caleb's part Modified Paths: -------------- trunk/blog.php trunk/develop/new-schema.sql trunk/globals.php trunk/profile.php Added Paths: ----------- trunk/template/default/blog_post_view.tpl Modified: trunk/blog.php =================================================================== --- trunk/blog.php 2007-07-30 19:46:37 UTC (rev 42) +++ trunk/blog.php 2007-07-30 20:02:42 UTC (rev 43) @@ -1,4 +1,4 @@ -<?php +<?php /******************************************************* * Copyright (C) 2007 http://p3net.net 
@@ -14,8 +14,82 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id$ +*********************************************************/ +/* Todo: blog supports space privacy settings */ +include('./globals.php'); +class blog +{ + /* Function name: view + Arguments: (int) id -- Blog post ID + Description: view a blog post + */ + function view($id) + { + /* We should add a sanitize method to the db class */ + $id = mysql_real_escape_string($id); + $_query="SELECT * FROM `" . AS_TBL_BLOG . "` WHERE `blog_id`='" + . $id . "' LIMIT 1;"; + $db->Execute($_query); + while($res = $db->FetchRow()) + { + $title = $res['title']; + $timestamp = $user->generate_timestamp($res['blog_timestamp']); + $content = $res['content']; + $author = $user->get_username($res['author_id']); + } + $template =& new template(AS_TPL . 'blog_post_view.tpl'); + $template->set('title', $title); + $template->set('date', $timestamp); + $template->set('content', $content); + $template->set('author', $author); + + /* Now for the comments */ + $_query = "SELECT * FROM `" . AS_TBL_BLOG_CMT . "` WHERE `post_id`='" + . $id . 
"' ORDER BY `post_timestamp` ASC"; + $db->Execute($_query); + while($com = $db->FetchRow()) + { + $blog_c[]['author'] = $user->get_username($com['author_id']); + $blog_c[]['comment'] = $com['commnent']; + $blog_c[]['time'] = $user->get_timestamp($com['post_timestamp']); + } + /* Caleb better get the array thing in template files working soon */ + $template->set('comments', $blog_c); + } + /* Function name: post + Arguments: + Description: Write/submit a post for your blog + */ + function post() + { + /* We'll do this when the schema is finalised */ + } + /* Function name: comment + Arguments: + Description: Write/submit a comment for a blog post + */ + function comment() + { + /* We'll do this when the schema is finalises */ + } +} +$blog =& new blog(); +$mode = empty($_GET["mode"]) ? '' : $_GET["mode"]; +switch($mode) +{ + case 'view': + $blog->view($_GET["id"]); + break; + + + case 'post': + break; + + case 'comment': + break; + +} ?> \ No newline at end of file Modified: trunk/develop/new-schema.sql =================================================================== --- trunk/develop/new-schema.sql 2007-07-30 19:46:37 UTC (rev 42) +++ trunk/develop/new-schema.sql 2007-07-30 20:02:42 UTC (rev 43) @@ -20,6 +20,7 @@ DROP TABLE IF EXISTS `as_blog_comment`; CREATE TABLE `as_blog_comment` ( `comment_id` int(10) unsigned NOT NULL auto_increment, + `post_id` int(10) unsigned NOT NULL, `author_id` int(10) unsigned NOT NULL, `comment` text NOT NULL, `post_timestamp` int(10) unsigned NOT NULL, Modified: trunk/globals.php =================================================================== --- trunk/globals.php 2007-07-30 19:46:37 UTC (rev 42) +++ trunk/globals.php 2007-07-30 20:02:42 UTC (rev 43) 
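Review bot: blog::view() escapes `$id` with `mysql_real_escape_string()` although this file talks to the database through ADOdb, and it renders any post by ID without consulting the author's privacy setting, which the Todo at the top of the file acknowledges. Since `blog_id` is an integer key, cast it and bind it, and call the existing `$user->can_view()` on the post's `author_id` before filling the template (assuming can_view() returns a boolean; its tail is not shown on this page). `FetchRow()` is called on the connection instead of the recordset returned by `Execute()`, the comment loop appends three separate elements per comment, reads `$com['commnent']` where the schema column is `comment`, and calls `get_timestamp()` where the post uses `generate_timestamp()`. `$db`, `$user` and `$error` are not brought into the method's scope anywhere in the hunk. A sketch of the two query sections follows.

```php
    function view($id)
    {
        // … unchanged: however $db, $user and $error are brought into scope …
        $id = (int) $id;
        $_query = 'SELECT * FROM ' . AS_TBL_BLOG . ' WHERE blog_id = ' . $db->Param('id');
        $post = $db->Execute($_query, array($id));
        if ($post === false || $post->EOF)
        {
            $error->general('No such post', 'blog.php - view(): blog_id ' . $id);
            return false;
        }
        $res = $post->FetchRow();
        if (!$user->can_view($res['author_id']))
        {
            $error->general('Not allowed', 'blog.php - view(): blog_id ' . $id);
            return false;
        }
        // … unchanged: $title/$timestamp/$content/$author and the $template->set() calls …

        $_query = 'SELECT * FROM ' . AS_TBL_BLOG_CMT . ' WHERE post_id = ' . $db->Param('id')
                . ' ORDER BY post_timestamp ASC';
        $comments = $db->Execute($_query, array($id));
        $blog_c = array();
        while ($comments !== false && ($com = $comments->FetchRow()))
        {
            $blog_c[] = array(
                'author'  => $user->get_username($com['author_id']),
                'comment' => $com['comment'],
                'time'    => $user->generate_timestamp($com['post_timestamp'])
            );
        }
        // … unchanged: $template->set('comments', $blog_c); …
```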
@@ -19,7 +19,7 @@ @id: $Id$ *********************************************************/ /* Include our larger functions */ -require('config.php'); /* Do not put 'AS_LOC_DIRECT' before this one */ +require('./config.php'); //We can't include using a constant defined in the file we're including require(AS_LOC_DIRECT.'functions/template.php'); $template =& new template(); require(AS_LOC_DIRECT.'functions/session.php'); Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-07-30 19:46:37 UTC (rev 42) +++ trunk/profile.php 2007-07-30 20:02:42 UTC (rev 43) @@ -35,9 +35,9 @@ } else if($step == 2) { - $_query = 'INSERT INTO '.AS_TBL_USER.' (display_name, password, join, time_offset '; + $_query = 'INSERT INTO '.AS_TBL_USER.' (display_name, password, join, time_offset) '; $_query .= 'VALUES('.$db->qstr($vars["display_name"],get_magic_quotes_gpc()).','; - $_qeury .= $db->qstr(md5($vars["password"]),get_magic_quotes_gpc()).','; + $_query .= $db->qstr(md5($vars["password"]),get_magic_quotes_gpc()).','; $_query .= time().','.qstr($vars["offset"],get_magic_quotes_gpc()).')'; if ($db->Execute($_query) === false) Added: trunk/template/default/blog_post_view.tpl =================================================================== This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <del...@us...> - 2007-07-30 20:52:42
|
Revision: 46 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=46&view=rev Author: deltalabs Date: 2007-07-30 13:52:43 -0700 (Mon, 30 Jul 2007) Log Message: ----------- I *think* I got everything switched to the new schema. If anyone notices anything that didn't get changed, let me know. Modified Paths: -------------- trunk/gallery.php trunk/group.php trunk/images.php trunk/index.php trunk/profile.php trunk/viewspace.php Modified: trunk/gallery.php =================================================================== --- trunk/gallery.php 2007-07-30 20:32:28 UTC (rev 45) +++ trunk/gallery.php 2007-07-30 20:52:43 UTC (rev 46) @@ -36,7 +36,7 @@ { if($session->is_friend($id)) { - $_query = 'SELECT id FROM '.AS_TBL_IMG.' WHERE owner = '.$db->qstr($id,get_magic_quotes_gpc()); + $_query = 'SELECT img_id FROM '.AS_TBL_IMG.' WHERE owner_id = '.$db->qstr($id,get_magic_quotes_gpc()); $_query = $db->Execute($_query); $_query = $db->GetArray($_query); $gallery = new template(AS_DIR_TPL.'gallery.tpl'); @@ -59,10 +59,10 @@ { if( $session->is_friend($owner) ) { - $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE id = '.$db->qstr($img_id,get_magic_quotes_gpc()); + $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE img_id = '.$db->qstr($img_id,get_magic_quotes_gpc()); $img = $db->Execute( $_query ); - $_query = 'SELECT * FROM '.AS_TBL_IMG_CMT.' WHERE image = '.$db->qstr($img_id,get_magic_quotes_gpc()); + $_query = 'SELECT * FROM '.AS_TBL_IMG_CMT.' WHERE image_id = '.$db->qstr($img_id,get_magic_quotes_gpc()); $img_com = $db->Execute( $_query ); $count = $img_com->RecordCount(); 
@@ -84,7 +84,7 @@ if ( isset($user->data['user_id']) and $user->data['user_id'] != $img['owner'] ) { $img['views']++; - $_query = 'UPDATE '.AS_TBL_IMG." SET views = '" . $views . "' WHERE id = '" . $img_id . "'"; + $_query = 'UPDATE '.AS_TBL_IMG." SET views = '" . $views . "' WHERE img_id = '" . $img_id . "'"; $db->query($_query); } $drill = new template(AS_TPL.'drill.tpl'); Modified: trunk/group.php =================================================================== --- trunk/group.php 2007-07-30 20:32:28 UTC (rev 45) +++ trunk/group.php 2007-07-30 20:52:43 UTC (rev 46) 
@@ -1,21 +1,21 @@ -<?php -/******************************************************* - * Copyright (C) 2007 http://p3net.net - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 
+ + @id: $Id$ +*********************************************************/ ?> \ No newline at end of file Modified: trunk/images.php =================================================================== --- trunk/images.php 2007-07-30 20:32:28 UTC (rev 45) +++ trunk/images.php 2007-07-30 20:52:43 UTC (rev 46) @@ -33,7 +33,7 @@ { $error->general("Invalid ID specified", "Not an (int)"); } - $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE id = '.$db->qstr($id,get_magic_quotes_gpc()); + $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE img_id = '.$db->qstr($id,get_magic_quotes_gpc()); $img = $db->Execute($_query); $img = $img->GetArray(); @@ -53,7 +53,7 @@ { $error->general("Invalid ID specified", "Not an (int)"); } - $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE id = '.$db->qstr($id,get_magic_quotes_gpc()); + $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE img_id = '.$db->qstr($id,get_magic_quotes_gpc()); $_query = $db->Execute($_query); $img = $db->GetArray($_query); Modified: trunk/index.php =================================================================== --- trunk/index.php 2007-07-30 20:32:28 UTC (rev 45) +++ trunk/index.php 2007-07-30 20:52:43 UTC (rev 46) @@ -20,12 +20,12 @@ *********************************************************/ include('globals.php'); /* 5 most recent users should be enough. We can fill the rest with ads or something */ -$_query = 'SELECT id, display_name, user_image FROM '.AS_TBL_USER.' SORT BY id DESC LIMIT 5'; +$_query = 'SELECT user_id, display_name, user_image FROM '.AS_TBL_USER.' SORT BY user_id DESC LIMIT 5'; $_query = $db->Execute($_query); while($user = $_query->FetchRow()) { $userdetail[$user['display_name']] = array( - 'id' => $user['id'], + 'id' => $user['user_id'], 'icon' => $user['user_image'] ); } Modified: trunk/profile.php =================================================================== --- trunk/profile.php 2007-07-30 20:32:28 UTC (rev 45) +++ trunk/profile.php 2007-07-30 20:52:43 UTC (rev 46) 
@@ -35,10 +35,10 @@ } else if($step == 2) { - $_query = 'INSERT INTO '.AS_TBL_USER.' (display_name, password, join, time_offset) '; + $_query = 'INSERT INTO '.AS_TBL_USER.' (display_name, password, join_date, time_offset) '; $_query .= 'VALUES('.$db->qstr($vars["display_name"],get_magic_quotes_gpc()).','; $_query .= $db->qstr(md5($vars["password"]),get_magic_quotes_gpc()).','; - $_query .= time().','.qstr($vars["offset"],get_magic_quotes_gpc()).')'; + $_query .= mktime().','.qstr($vars["offset"],get_magic_quotes_gpc()).')'; if ($db->Execute($_query) === false) { @@ -102,7 +102,7 @@ $content = addslashes($content); fclose($fp); - $_query = 'INSERT INTO '.AS_TBL_IMG.' (owner, content, mime_type, desc, width, height, name, views)' + $_query = 'INSERT INTO '.AS_TBL_IMG.' (owner_id, content, mime_type, desc, width, height, name, views)' .'VALUES('. $user->data["user_id"] . ',' . $db->qstr($content) . ',' . $db->qstr($file_type) . "', ''" .$db->qstr(htmlspecialchars($_POST["desc"]),get_magic_quotes_gpc()).','.$width.','.$height.','.$db->qstr($file_name,get_magic_quotes_gpc()).", '0')"; if ($db->Execute($_query) === false) @@ -133,13 +133,13 @@ { $var[$key] = $db->qstr(htmlspecialchars($value),get_magic_quotes_gpc()); } - $_query = 'SELECT id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password'])); + $_query = 'SELECT user_id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password'])); $_query = $db->Execute($_query); $num = $_query->RecordCount(); if($num > 0) { $id = $_query->GetArray(); - $session->login($id[0]['id']); + $session->login($id[0]['user_id']); $message->thank('logging in', 'to return to the index', 'index.php'); } else 
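Review bot: The registration INSERT in the `@@ -35` hunk stores the password as a bare `md5($vars["password"])`, which is unsalted and fast to compute, so a leaked user table exposes the passwords to offline guessing. On a PHP version that provides it, `password_hash($vars["password"], PASSWORD_DEFAULT)` here, with `password_verify()` in the login code of the `@@ -133` hunk, would replace it; the `password` column has to be wide enough for the longer hash. The enclosing function starts and ends outside the hunk.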
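Review bot: In the image INSERT of the `@@ -102` hunk the separator after the MIME type is the literal `"', ''"`, but `$db->qstr()` already returns its value wrapped in quotes, so the generated statement has mismatched quotes around the MIME type and the description. A plain `. ',' .` between `$db->qstr($file_type)` and the description keeps the quoting in one place. `$content` is also run through `addslashes()` before `$db->qstr($content)`, which escapes the image bytes twice, and `$width`/`$height` are concatenated unquoted, so they should be cast with `(int)` unless that already happens outside the hunk.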
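Review bot: The login query in the `@@ -133` hunk hashes `$var['password']` after the loop just above has replaced every `$var` entry with `$db->qstr(htmlspecialchars($value), ...)`, so the MD5 is taken over the quoted and HTML-escaped text rather than over what the user typed, and will only match the stored hash if registration hashed the same transformed string. The digest should be computed from the unmodified field and only then quoted, i.e. `$db->qstr(md5($raw))` with `$raw` standing for the unescaped input. The changed line also calls `qstr(...)` as a bare function where the rest of the file uses `$db->qstr(...)`; the same bare call is on the changed lines of the `@@ -35` and `@@ -155` hunks. The loop header and the rest of the function are outside the hunk.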
@@ -155,15 +155,18 @@ */ function inbox() { - $_query = 'SELECT id, from, date, subject, read FROM '.AS_TBL_PM.' ORDER BY id DESC'; + $_uid_query = 'SELECT user_id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password'])); + $_uid_query = $db->Execute($_query); + $uid = $_query->GetArray(); + $_query = 'SELECT message_id, sender_id, send_date, subject, read FROM '.AS_TBL_PM.' WHERE recipient_id = '.$uid[0]['user_id'].' ORDER BY id DESC'; $_query = $db->Execute($_query); $count = $_query->RecordCount(); for ($i = 0; $i < $count; $i++) { $pm[$i] = array( - 'id' => $_query->Fields('id'), - 'from' => $session->get_username($_query->Fields('from')), - 'date' => $session->generate_timestamp($_query->Fields('date')), + 'id' => $_query->Fields('message_id'), + 'from' => $session->get_username($_query->Fields('sender_id')), + 'date' => $session->generate_timestamp($_query->Fields('send_date')), 'subject' => $_query->Fields('subject'), 'read' => $_query->Fields('read') ); 
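Review bot: The three added lookup lines in `inbox()` do not use their own result: `$db->Execute($_query)` runs a `$_query` that has not been assigned yet and `$uid = $_query->GetArray()` reads from it, where `$db->Execute($_uid_query)` and `$uid = $_uid_query->GetArray()` were presumably meant. The lookup also keys on `$var['email']` and `$var['password']`, which are not set anywhere in the visible part of `inbox()`, so the `recipient_id` filter that is supposed to restrict the inbox to its owner is built from an empty value. Taking the id from the logged-in session (the file uses `$user->data["user_id"]` for uploads) avoids re-checking credentials on every inbox view. The new query still ends in `ORDER BY id DESC` although the column is now selected as `message_id`. The function body continues outside the hunk.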
@@ -184,12 +187,12 @@ $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } - $_query = 'SELECT * FROM '.AS_TBL_PM.' WHERE id = ' . $id; + $_query = 'SELECT * FROM '.AS_TBL_PM.' WHERE message_id = ' . $id; $_query = $db->Execute($_query); $array = $db->GetArray($_query); $read =& new template(AS_TPL.'read.tpl'); - $read->set_var('from', $session->get_username($array[0]["from"])); - $read->set_var('date', $session->generate_timestamp($array[0]["date"])); + $read->set_var('from', $session->get_username($array[0]["sender_id"])); + $read->set_var('date', $session->generate_timestamp($array[0]["send_date"])); $read->set_var('subject', $array[0]["subject"]); $read->set_var('message', $array[0]["message"]); if($array[0]['read'] != '1') Modified: trunk/viewspace.php =================================================================== --- trunk/viewspace.php 2007-07-30 20:32:28 UTC (rev 45) +++ trunk/viewspace.php 2007-07-30 20:52:43 UTC (rev 46) 
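Review bot: The message is fetched with `WHERE message_id = ' . $id` alone, so nothing in this hunk ties the row to the user who is reading it; any id that passes the check above is displayed. Adding the recipient to the predicate, `' WHERE message_id = ' . $id . ' AND recipient_id = ' . (int) $user->data["user_id"]`, and treating an empty result as not found closes that gap, unless ownership is verified in the part of the function outside the hunk. The error text a few lines up also writes the raw `$id` into the log; stripping control characters before logging keeps one request from forging extra log lines.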
@@ -1,23 +1,23 @@ -<?php -/******************************************************* - * Copyright (C) 2007 http://p3net.net - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -/* Todo: If no id is set or id is yours, show you owner view instead - Alternatively, actual view will be shown if &view=real is appended*/ +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 
+ + @id: $Id$ +*********************************************************/ +/* Todo: If no id is set or id is yours, show you owner view instead + Alternatively, actual view will be shown if &view=real is appended*/ ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <cal...@us...> - 2007-07-30 23:20:49
|
Revision: 48 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=48&view=rev Author: caleb870 Date: 2007-07-30 16:20:51 -0700 (Mon, 30 Jul 2007) Log Message: ----------- Finally completed converting to ADOdb, fixed a few syntax errors along the way as well. Modified Paths: -------------- trunk/config.php trunk/functions/session.php trunk/gallery.php Modified: trunk/config.php =================================================================== --- trunk/config.php 2007-07-30 22:04:51 UTC (rev 47) +++ trunk/config.php 2007-07-30 23:20:51 UTC (rev 48) @@ -1,7 +1,7 @@ <?php /* These settings are autogenerated by AstroSPACES - do not change them unless you know what you are - doing! + do not change them unless if you have instructions + stating that these values should be changed. */ define('AS_DB_TYPE', 'mysql'); define('AS_DB_PREFIX', 'as_'); @@ -17,8 +17,7 @@ define('AS_LOC_DIRECT', 'C:/path/to/astrospaces/'); /* These settings are constants and must NOT - be altered. Doing so will prevent AstroSPACES - from functioning. + be altered unless if you understand what you are doing. */ define('AS_TBL_USER', AS_DB_PREFIX.'user'); define('AS_TBL_BLOG', AS_DB_PREFIX.'blog'); @@ -30,6 +29,8 @@ define('AS_TBL_CMT', AS_DB_PREFIX.'comments'); define('AS_TBL_SESSION', AS_DB_PREFIX.'sessions'); define('AS_TBL_PM', AS_DB_PREFIX.'private_messages'); +define('AS_TBL_GRP', AS_DB_PREFIX.'groups'); +define('AS_TBL_GRP_RES', AS_DB_PREFIX.'group_resolver'); define('AS_DIR_TPL', 'template/'); define('AS_TPL', AS_LOC_URL.AS_DIR_TPL.'default/'); Modified: trunk/functions/session.php =================================================================== --- trunk/functions/session.php 2007-07-30 22:04:51 UTC (rev 47) +++ trunk/functions/session.php 2007-07-30 23:20:51 UTC (rev 48) 
@@ -211,6 +211,7 @@ $error->general('Invalid actionID', "Invalid actionID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } + if (!is_numeric($who) and $who != null) { $error->general('Invalid whoID', "Invalid whoID = Possible hack! Input value: \"".$who."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); @@ -239,7 +240,7 @@ { if (!is_numeric($id) and $id != null) { - $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } @@ -280,6 +281,7 @@ $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)"); } } + } } } /* @@ -291,7 +293,7 @@ { if (!is_numeric($id) and $id != null) { - $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } $_query= 'UPDATE '.AS_TBL_FRIEND.' SET accepted = 1 WHERE party_2 = '.$data->user['user_id'].' AND party_1 = '.$id.' LIMIT 1'; 
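Review bot: The guard `if (!is_numeric($id) and $id != null)` touched by the `@@ -239` hunk lets an empty string, `null` and values such as `1e3` or `1.5` through, and `$id` is later concatenated into SQL without quotes (see `party_1 = '.$id.'` in the `@@ -291` hunk). For an integer key, `if (!ctype_digit((string) $id))` rejects all of those; if a missing id is a legitimate call, return before the query is built instead of exempting it from validation. The same guard is used in the `@@ -291` and `@@ -307` hunks and is added to `add_comment`, `get_username`, `add_image_comment` and `generate_timestamp` further down. The rejected value is also copied verbatim into the log message, so newlines in it should be stripped first.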
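Review bot: The friend-accept UPDATE in the `@@ -291` hunk reads the current user from `$data->user['user_id']`, while the rest of this file uses `$user->data['user_id']`; if `$data` is not defined in this scope the `party_2` condition is built from an empty value and the statement no longer identifies whose request is being accepted. `party_2 = '.$user->data['user_id'].'` matches the other functions. The call that executes the statement is outside the hunk, so I cannot tell whether a failed update is reported.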
@@ -307,23 +309,23 @@ { if (!is_numeric($id) and $id != null) { - $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$action."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } /*We're simply checking whether or not we have the permissions to view this space */ /*First we need to figure out what the space privacy setting is*/ $_query = 'SELECT privacy FROM '.AS_TBL_USER.' WHERE id = ' . $id . ' LIMIT 1'; $_query = $db->Execute($_query); - $_query=$db->fetch_array($_query); - $res=$_query['privacy']; + $_query = $db->GetArray($_query); + $res = $_query[0]['privacy']; if($res == '0') { - /*All users can view this space*/ + /* All users can view this space */ return true; } else { - /*We need to check if we're they're friend*/ + /* We need to check if we're they're friend */ if($session->is_friend($id)) { return true; 
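Review bot: The privacy lookup that decides whether a space may be viewed passes the result of `$db->Execute($_query)` into `$db->GetArray($_query)`; in ADOdb the connection-level `GetArray()` takes an SQL string, and the rows of an executed query are read with the recordset's own `GetArray()`. As written `$res` is probably never `'0'`, so every space falls through to the friend check, and a failed query goes undetected. `$rows = $_query->GetArray(); $res = $rows[0]['privacy'];` after an `=== false` check on `Execute()` would do it. The same call shape appears in `get_username` (`@@ -361`) and, with an undefined `$query`, in `generate_timestamp` (`@@ -394`). The function starts and ends outside the hunk.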
@@ -341,17 +343,22 @@ */ function add_comment($id) { + if (!is_numeric($id) and $id != null) + { + $error->general('Invalid userID', "Invalid userD = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } if($session->is_friend($id)) { - /*Okay, we have permission to leave this comment*/ - foreach($_POST as $key => $value) - { - $var[$key] = mysql_real_escape_string($value); - } - $_query="INSERT INTO `comments` VALUES('', '" . time() . "', '" . $user->data['user_id'] . "', '" . $id . "', '" . $var['body'] . - "'"; - $db->query($_query); - $session->action('2', $id); + /* Okay, we have permission to leave this comment */ + $_query = 'INSERT INTO '.AS_TBL_CMT.' (comment_timestamp, poster_id, recipient_id, comment) VALUES(' . + time() . ',' . $user->data['user_id'] . ',' . $id . ',' . $db->qstr($_POST['body']).')'; + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', 'session.php - add_comment(): '.$db->ErrorMsg()); + return false; + } + $session->action('2', $id); } } /* @@ -361,10 +368,15 @@ */ function get_username($id) { - $_query="SELECT `display_name` FROM `users` WHERE `id`='" . $id . "'"; - $_query=$db->query($_query); - $res=$db->fetch_array($_query); - return $res['display_name']; + if (!is_numeric($id) and $id != null) + { + $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + $_query = 'SELECT display_name FROM '.AS_TBL_USER.' WHERE id = ' . $id; + $_query = $db->Execute($_query); + $res = $db->GetArray($_query); + return $res[0]['display_name']; } /* Function Name: add_image_comment 
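Review bot: `add_comment()` uses `$error`, `$session`, `$user` and `$db` directly after its opening brace, with no `global` statement and no `$this->`, so inside the function these are undefined variables and the new validation guard ends in a fatal error instead of a logged rejection. A first line of `global $db, $error, $user;` and, if this is a method of the session class, `$this->is_friend($id)` and `$this->action('2', $id)` would let the guard and the friend check actually run. `get_username` in the `@@ -361` hunk and `add_image_comment` and `generate_timestamp` below have the same shape. The comment body is also passed as `$db->qstr($_POST['body'])` without the `get_magic_quotes_gpc()` argument the other queries pass, so it is escaped twice when magic quotes are on.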
@@ -373,19 +385,25 @@ */ function add_image_comment($id) { - $owner = "SELECT `owner` FROM `images` WHERE `id`='" . $id . "'"; + if (!is_numeric($id) and $id != null) + { + $error->general('Invalid imageID', "Invalid imageID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + $owner = 'SELECT owner_id FROM '.AS_TBL_IMG.' WHERE id = ' . $id; $owner = $db->query($owner); $owner = $db->fetch_array($owner); $owner = $owner['owner']; - if($session->is_friend($owner)) + if ($session->is_friend($owner)) { - foreach($_POST as $key => $value) - { - $var[$key] = mysql_real_escape_string($value); - } - $_query="INSERT INTO `image_comments` VALUES('', '" . $id . "', '" . time() . "', '" . $user->data['user_id'] . "', '" . $var['comment'] . "'"; - $db->query($_query); - } + $_query = 'INSERT INTO '.AS_TBL_IMG_CMT.' (image_id, post_timestamp, author, comment) VALUES('. $id . ',' . time() . ',' . $user->data['user_id'] . ',' . $db->qstr($_POST['comment'],get_magic_quotes_gpc()) . ')'; + if ($db->Execute($_query) === false) + { + $error->general('<b>DB Error!</b>', 'session.php - add_img_comment(): '.$db->ErrorMsg()); + return false; + } + } } /* Function Name: generate_timestamp 
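Review bot: The owner lookup selects `owner_id` but the following lines read `$owner['owner']`, so `$owner` is empty by the time it reaches `$session->is_friend($owner)` and the permission check is made against no user at all rather than the image's uploader. These lines also still call `$db->query()` and `$db->fetch_array()` while the INSERT below uses the ADOdb `$db->Execute()`. Reading the row through the recordset, `$rs = $db->Execute($owner); $rows = $rs->GetArray(); $owner = $rows[0]['owner_id'];`, and returning early when no row is found keeps the check tied to a real image.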
@@ -394,14 +412,20 @@ */ function generate_timestamp($time) { + if (!is_numeric($time) and $time != null) + { + $error->general('Invalid timestamp', "Invalid timestamp = Possible hack! Input value: \"".$time."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + if($session->logged_in()) { - $_query="SELECT `time_offset` FROM `users` WHERE `id`='" . $user->data['user_id'] . "'"; - $_query=$db->query($_query); - $_query=$db->fetch_array($_query); - $offset=$_query['time_offset']; - - $diff = $offset * 60 * 60; + $_query = 'SELECT time_offset FROM '.AS_TBL_USER.' WHERE id = ' . $user->data['user_id']; + $_query = $db->Execute($_query); + $_query = $query->GetArray($_query); + $offset = $_query[0]['time_offset']; + + $diff = $offset * 60 * 60; } $time = $time + $diff; return date('m/d/Y G:i:s', $time); Modified: trunk/gallery.php =================================================================== --- trunk/gallery.php 2007-07-30 22:04:51 UTC (rev 47) +++ trunk/gallery.php 2007-07-30 23:20:51 UTC (rev 48) @@ -66,17 +66,17 @@ $img_com = $db->Execute( $_query ); $count = $img_com->RecordCount(); - for ($i = 0; $i < $count; $i++) /* What? */ + $array = $img_com->GetArray(); + foreach($array[0] as $key_name => $key_value) { - foreach($value as $key_name => $key_value) - { - if ($key_value == 'author') - { - $key_value = $session->get_username($key_value); - } - $com[$key_name] = $key_value; - } - $img_con->MoveNext(); + if (!is_numeric($key_name)) + { + if ($key_value == 'author') + { + $key_value = $session->get_username($key_value); + } + $com[$key_name] = $key_value; + } } $img_com->Close(); $img = $img->GetArray(); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
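Review bot: `$diff` is only assigned inside the `if($session->logged_in())` branch, so for a visitor who is not logged in `$time = $time + $diff;` adds an undefined variable; initialise it with `$diff = 0;` before the branch. Inside the branch the added line `$_query = $query->GetArray($_query);` calls a `$query` that is not defined anywhere in the hunk, where `$_query->GetArray()` on the recordset was presumably intended.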
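Review bot: The rewritten loop in the gallery.php hunk walks `$array[0]` only, so at most the first comment row reaches `$com`, and it fails on an image with no comments because `$array[0]` does not exist. The test `if ($key_value == 'author')` compares the column's value with the string `'author'`; the column name is in `$key_name`, so the username lookup is not triggered by the author column. An outer `foreach ($array as $row)` that builds one entry per row, with `if ($key_name == 'author')` inside, covers both. `$count` is now unused.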
From: <p3...@us...> - 2007-07-31 00:07:54
|
Revision: 49 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=49&view=rev Author: p3net Date: 2007-07-30 17:07:55 -0700 (Mon, 30 Jul 2007) Log Message: ----------- Beginnings of language engine. Includes a sample language file. Note that the actual language files will most likely have to be made during theme development by caleb Added Paths: ----------- trunk/lang/ trunk/lang/en/ trunk/lang/en/lang_main.php Added: trunk/lang/en/lang_main.php =================================================================== --- trunk/lang/en/lang_main.php (rev 0) +++ trunk/lang/en/lang_main.php 2007-07-31 00:07:55 UTC (rev 49) 
@@ -0,0 +1,40 @@
+<?php
+/*******************************************************
+ * Copyright (C) 2007 http://p3net.net
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id$
+*********************************************************/
+$lang = array();
+$main=array(
+ 'BLOG_AUTHOR' => 'Author',
+ 'BLOG_TIME' => 'Posted at',
+ 'BLOG_COMMENT' => 'This post has 1 comment',
+ 'BLOG_COMMENTS' => 'This post has %s comments',
+ 'BLOG_LEAVE_COMMENT' => 'Click %s to leave a comment on this post',
+ 'BLOG_POST' => 'New blog post',
+ 'BLOG_COMMENT_SUBMITTED' => 'Your comment has been submitted',
+ 'BLOG_POST_SUBMITTED' => 'Your post has been submitted',
+ 'GALLERY_VIEWS' => '%s views',
+ 'GALLERY_OWNER' => 'Uploaded by',
+ 'GALLERY_COMMENT' => 'This image has 1 comment',
+ 'GALLERY_COMMENTS' => 'This image has %s comments',
+ 'GALLERY_LEAVE_COMMEMNT' => 'Click %s to leave a comment on this image',
+ 'GLOBAL_HERE' => 'here',
+ 'ERROR_MUST_BE_LOGGEDIN' => 'You must be logged in to access this page'
+)
+$lang=array_merge($lang, $main);
+?>
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
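Review bot: The `$main=array( ... )` literal is closed with `)` and no semicolon, so the following `$lang=array_merge($lang, $main);` is a parse error and any page that includes this file stops there; the closing line should be `);`. The key `'GALLERY_LEAVE_COMMEMNT'` is misspelled (`GALLERY_LEAVE_COMMENT`), which a template looking up the correct name would miss. The `%s` placeholders are filled in by the caller, so whatever is substituted into them needs HTML-escaping at output if it can contain user-supplied text.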
From: <p3...@us...> - 2007-07-31 03:05:26
|
Revision: 72 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=72&view=rev Author: p3net Date: 2007-07-30 20:05:24 -0700 (Mon, 30 Jul 2007) Log Message: ----------- Viewspace added in it's plainest form. Expand, children, expand for the motherscript! Modified Paths: -------------- trunk/viewspace.php Added Paths: ----------- trunk/template/default/viewspace.tpl Added: trunk/template/default/viewspace.tpl =================================================================== Modified: trunk/viewspace.php =================================================================== --- trunk/viewspace.php 2007-07-31 02:34:33 UTC (rev 71) +++ trunk/viewspace.php 2007-07-31 03:05:24 UTC (rev 72) 
@@ -18,6 +18,78 @@ @id: $Id$ *********************************************************/ -/* Todo: If no id is set or id is yours, show you owner view instead - Alternatively, actual view will be shown if &view=real is appended*/ +include('./globals.php'); +class space +{ + /* Function Name: view + Arguments: (int) id -- Space ID to view + Description: View a Space + */ + function view($id) + { + if($session->can_view($id)) + { + $_query = "SELECT * FROM " . AS_TBL_USER . " WHERE `id`='" . $id . "'"; + $db->Execute($_query); + $arr = $db->FetchArray(); + + if(isset($db->user['user_id']) && $db->user['user_id'] == $id) + { + $_query = "SELECT * FROM " . AS_TBL_CMT . " WHERE `recipient_id`='" . $id . "'"; + $db->Execute($_query); + $comments = $db->FetchArray(); + + /* We need to rewrite this to JOIN with the friends table so we can get all + non-specific notifications from our friends */ + $_query = "SELECT * FROM " . AS_TBL_ACTION . " WHERE `for`='" . $id . "'"; + $db->Execute($_query); + $notifications = $db->FetchArray(); + } + else + { + /* Stop -- comment count! */ + $_query="SELECT COUNT(*) FROM " . AS_TBL_CMT . " WHERE `recipient_id`='" . $id . "'"; + $db->Execute($_query); + $comm_count = $db->FetchArray(); + $comm_count = $comm_count['COUNT(*)']; + } + $viewspace =& new template('viewspace.tpl'); + $viewspace->set('user_info', $arr); + /* These two are only displayed if you are the space owner */ + $viewspace->set('owner_comments', (isset($comments) ? $comments : '')); //If empty, do NOT reference comments + $viewspace->set('notifications', (isset($notifications) ? $notications : '')); //If empty, do NOT reference notifications. + /* This one is not displayed if you are the space owner */ + $viewspace->set('comm_count', (isset($comm_count) ? 
$comm_count : '')); //Display only if comment array is empty + } + else + { + /* Show limited page (username, default picture for user, and add as friend button if logged in */ + } + } +} + +$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"]; +/* Since I can't get this to work as a ternary */ +if(empty($_GET["id"])) +{ + if($user->logged_in()) + { + $id = $user->data['id']; + } + else + { + $error->general('No ID specified', 'Empty'); +} +else +{ + $id = $_GET["id"]; +} +/* Okay, now that that is over with... */ +} +switch($mode) +{ + case 'view': + $space->view($id); + break; +} ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
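Review bot: `$id` comes straight from `$_GET["id"]` at the bottom of this hunk and is pasted into the string-built queries in `view()` (the `WHERE` clauses on `id`, `recipient_id` and `for`), so the only thing between the request and the SQL is whatever `$session->can_view($id)` happens to reject. Casting at the boundary, `$id = (int) $_GET["id"];`, or quoting each use with `$db->qstr($id)`, makes `view()` safe on its own. The owner test reads `$db->user['user_id']` where the other files use `$user->data['user_id']`, so the branch that shows owner-only comments and notifications is decided on a value that is probably never set, and `view()` has no `global` for `$session` or `$db`. The `else` branch that reports 'No ID specified' is missing its closing brace (the `}` after the last comment belongs there), `$space` is never instantiated before `$space->view($id)`, and `$notications` is a typo for `$notifications`.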
From: <fr...@us...> - 2007-08-01 22:03:26
|
Revision: 84 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=84&view=rev Author: frcole Date: 2007-08-01 15:03:28 -0700 (Wed, 01 Aug 2007) Log Message: ----------- Update config.php to reflect new tables as well as corrected some minor typos. --frc Modified Paths: -------------- trunk/config.php trunk/develop/new-schema.sql Modified: trunk/config.php =================================================================== --- trunk/config.php 2007-08-01 20:09:38 UTC (rev 83) +++ trunk/config.php 2007-08-01 22:03:28 UTC (rev 84) 
@@ -1,37 +1,43 @@ -<?php -/* These settings are autogenerated by AstroSPACES - do not change them unless you know what you are - doing! -*/ -define('AS_DB_TYPE', 'mysql'); -define('AS_DB_PREFIX', 'as_'); -define('AS_DB_HOST', 'localhost'); -define('AS_DB_SCHEMA', 'schema'); -define('AS_DB_USER', 'user'); -define('AS_DB_PASS', 'pass'); - -define('AS_EXT', '.php'); -define('AS_LANG', 'en-us'); - -define('AS_LOC_URL', 'http://localhost/'); -define('AS_LOC_DIRECT', 'C:/path/to/astrospaces/'); - -/* These settings are constants and must NOT - be altered. Doing so will prevent AstroSPACES - from functioning. -*/ -define('AS_TBL_USER', AS_DB_PREFIX.'user'); -define('AS_TBL_BLOG', AS_DB_PREFIX.'blog'); -define('AS_TBL_BLOG_CMT', AS_DB_PREFIX.'blog_comments'); -define('AS_TBL_COMMENTS', AS_DB_PREFIX.'comments'); -define('AS_TBL_FRIEND', AS_DB_PREFIX.'friends'); -define('AS_TBL_IMG', AS_DB_PREFIX.'images'); -define('AS_TBL_IMG_CMT', AS_DB_PREFIX.'image_comments'); -define('AS_TBL_ACTION', AS_DB_PREFIX.'actions'); -define('AS_TBL_CMT', AS_DB_PREFIX.'comments'); -define('AS_TBL_SESSION', AS_DB_PREFIX.'sessions'); -define('AS_TBL_PM', AS_DB_PREFIX.'private_messages'); - -define('AS_DIR_TPL', 'template/'); -define('AS_TPL', AS_LOC_URL.AS_DIR_TPL.'default/'); -?> \ No newline at end of file +<?php +/* These settings are autogenerated by AstroSPACES + do not change them unless you know what you are + doing! +*/ +define('AS_DB_TYPE', 'mysql'); +define('AS_DB_PREFIX', 'as_'); +define('AS_DB_HOST', 'localhost'); +define('AS_DB_SCHEMA', 'schema'); +define('AS_DB_USER', 'user'); +define('AS_DB_PASS', 'pass'); + +define('AS_EXT', '.php'); +define('AS_LANG', 'en-us'); + +define('AS_LOC_URL', 'http://localhost/'); +define('AS_LOC_DIRECT', 'C:/path/to/astrospaces/'); + +/* These settings are constants and must NOT + be altered. Doing so will prevent AstroSPACES + from functioning. 
+*/ +define('AS_TBL_USERS', AS_DB_PREFIX.'users'); +define('AS_TBL_BLOG', AS_DB_PREFIX.'blog'); +define('AS_TBL_BLOG_CMT', AS_DB_PREFIX.'blog_comment'); +define('AS_TBL_COMMENTS', AS_DB_PREFIX.'comments'); +define('AS_TBL_FRIEND', AS_DB_PREFIX.'friends'); +define('AS_TBL_IMG', AS_DB_PREFIX.'images'); +define('AS_TBL_IMG_CMT', AS_DB_PREFIX.'image_comments'); +define('AS_TBL_ACTION', AS_DB_PREFIX.'actions'); +define('AS_TBL_CMT', AS_DB_PREFIX.'comments'); +define('AS_TBL_SESSION', AS_DB_PREFIX.'sessions'); +define('AS_TBL_PM', AS_DB_PREFIX.'private_messages'); +define('AS_TBL_GRPRES', AS_DB_PREFIX.'group_resolver'); +define('AS_TBL_GRPS', AS_DB_PREFIX.'groups'); +define('AS_TBL_SPROFLDS', AS_DB_PREFIX.'static_profile_fields'); +define('AS_TBL_DPROFLDS', AS_DB_PREFIX.'dynamic_profile_fields'); +define('AS_TBL_DPROVAL', AS_DB_PREFIX.'dynamic_profile_values'); + +define('AS_DIR_TPL', 'template/'); +define('AS_TPL', AS_LOC_URL.AS_DIR_TPL.'default/'); +?> + Modified: trunk/develop/new-schema.sql =================================================================== --- trunk/develop/new-schema.sql 2007-08-01 20:09:38 UTC (rev 83) +++ trunk/develop/new-schema.sql 2007-08-01 22:03:28 UTC (rev 84) @@ -117,14 +117,14 @@ `last_login` int(10) unsigned NOT NULL COMMENT 'Unix timestamp', `time_offset` tinyint(3) unsigned NOT NULL, `email` varchar(60) NOT NULL, - `user_image` int(11) unsigned NOT NULL, `privacy` tinyint(1) unsigned NOT NULL default '0', PRIMARY KEY (`user_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; DROP TABLE IF EXISTS `as_static_profile_fields`; -CREATE TABLE `as_users` ( - `user_id` int(10) unsigned NOT NULL auto_increment, +CREATE TABLE `as_static_profile_fields` ( + `static_profile_field_id` int(10) unsigned NOT NULL auto_increment, + `user_id` int(10) unsigned NOT NULL, `display_name` varchar(45) NOT NULL, `blurb` text NOT NULL, `aim` varchar(45) NOT NULL, 
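Review bot: This rewrite renames `AS_TBL_USER` to `AS_TBL_USERS` and replaces `AS_TBL_GRP`/`AS_TBL_GRP_RES` from revision 48 with `AS_TBL_GRPS`/`AS_TBL_GRPRES`, but the queries in session.php, profile.php, index.php and viewspace.php shown above still reference `AS_TBL_USER`. Unless those files are updated in a revision not shown here, PHP of this era treats the undefined constant as the bare string `AS_TBL_USER`, so those queries would target a table of that name and fail. Keeping `define('AS_TBL_USER', AS_DB_PREFIX.'users');` as an alias until the callers are migrated avoids that. `AS_TBL_COMMENTS` and `AS_TBL_CMT` both resolve to the same `comments` table.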
@@ -134,5 +134,23 @@ `icq` varchar(45) NOT NULL, `msn` varchar(45) NOT NULL, `user_image` int(11) unsigned NOT NULL, - PRIMARY KEY (`user_id`) + PRIMARY KEY (`static_profile_field_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1; + + +DROP TABLE IF EXISTS `as_dynamic_profile_fields`; +CREATE TABLE `as_dynamic_profile_fields` ( + `dynamic_profile_field_id` int(10) unsigned NOT NULL auto_increment, + `field_name` varchar(128) NOT NULL default 'new field', + `field_description` varchar(128), + PRIMARY KEY (`dynamic_profile_field_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_dynamic_profile_values`; +CREATE TABLE `as_dynamic_profile_values` ( + `dynamic_profile_field_id` int(10) unsigned NOT NULL auto_increment, + `user_id` int(10) unsigned NOT NULL, + `field_name` varchar(128) NOT NULL default 'new field', + `field_value` varchar(128), +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
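Review bot: The new `as_dynamic_profile_values` definition cannot be created as written: its last column line ends with a comma directly before `)`, and `dynamic_profile_field_id` is declared `auto_increment` without being part of any key, which MySQL rejects. Since the table appears to hold one value per user per field, the id presumably refers to `as_dynamic_profile_fields` and should not auto-increment; `PRIMARY KEY (dynamic_profile_field_id, user_id)` with the trailing comma removed would express that. `as_static_profile_fields` likewise has no index on `user_id`, which every per-user profile lookup will filter on.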
From: <p3...@us...> - 2007-08-01 23:32:09
|
Revision: 86 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=86&view=rev Author: p3net Date: 2007-08-01 16:32:07 -0700 (Wed, 01 Aug 2007) Log Message: ----------- Forgot to commit these Modified Paths: -------------- trunk/gallery.php trunk/globals.php Modified: trunk/gallery.php =================================================================== --- trunk/gallery.php 2007-08-01 22:35:29 UTC (rev 85) +++ trunk/gallery.php 2007-08-01 23:32:07 UTC (rev 86) 
@@ -1,142 +1,142 @@ -<?php -/******************************************************* - * Copyright (C) 2007 http://p3net.net - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ - -class gallery -{ - /* - Function Name: view - Arguments: (int) id -- ID of user - Purpose: View gallery of user - */ - function view($id) - { - if($id == 0) - { - $error->general('Must be logged in!', 'Tried to access gallery as owner while unauthenticated'); - } - else - { - if($session->is_friend($id)) - { - $_query = 'SELECT img_id FROM '.AS_TBL_IMG.' WHERE owner_id = '.$db->qstr($id,get_magic_quotes_gpc()); - $_query = $db->Execute($_query); - $_query = $db->GetArray($_query); - $gallery = new template(AS_DIR_TPL.'gallery.tpl'); - $gallery->set_var('gallery', $_query); - } - } - } - /* - Function Name: drill - Arguments: (int) img_id -- ID of image to view; (int) owner -- ID of image uploader - Purpose: View fullsize image/comments of specific image - */ - function drill( $img_id, $owner ) - { - if( empty( $img_id ) ) - { - $error->general('An image must be specified', 'Tried to access drill without specifying image id'); - } - else - { - if( $session->is_friend($owner) ) - { - $_query = 'SELECT * FROM '.AS_TBL_IMG.' 
WHERE img_id = '.$db->qstr($img_id,get_magic_quotes_gpc()); - $img = $db->Execute( $_query ); - - $_query = 'SELECT * FROM '.AS_TBL_IMG_CMT.' WHERE image_id = '.$db->qstr($img_id,get_magic_quotes_gpc()); - $img_com = $db->Execute( $_query ); - - $count = $img_com->RecordCount(); - $array = $img_com->GetArray(); - foreach($array[0] as $key_name => $key_value) - { - if (!is_numeric($key_name)) - { - if ($key_value == 'author') - { - $key_value = $session->get_username($key_value); - } - $com[$key_name] = $key_value; - } - } - $img_com->Close(); - $img = $img->GetArray(); - - if ( isset($user->data['user_id']) and $user->data['user_id'] != $img['owner'] ) - { - $img['views']++; - $_query = 'UPDATE '.AS_TBL_IMG." SET views = '" . $views . "' WHERE img_id = '" . $img_id . "'"; - $db->query($_query); - } - $drill = new template(AS_TPL.'drill.tpl'); - $drill->set_var('id', $img_id); - $drill->set_var('comments', $com); - $drill->set_var('views', $img['views']); - $drill->set_var('desc', $img['desc']); - $drill->set_var('name', $img['name']); - } - } - } - /* - Function Name: comment - Arguments: (int) id -- Image ID; (int) owner -- Image owner ID - Purpose: Display comment form - */ - function comment($id, $owner) - { - if($session->is_friend($owner)) - { - $form = new template(AS_TPL.'forms/gallery_comment.tpl'); - } - } - /* - Function Name: comment_process - Arguments: none - Purpose: Insert image comment into database - */ - function comment_process() - { - $img_id = $_POST['id']; - $session->add_image_comment($img_id); - } -} - -include('globals.php'); -$gallery =& new gallery(); -$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"]; -$id = empty($_GET["id"]) ? ($session->logged_in() ? 
$user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]); -switch ($mode) -{ - case 'view': - $gallery->view($id); - break; - case 'drill': - $gallery->drill(mysql_real_escape_string($_GET["img"]), $id); - break; - case 'comment': - $gallery->comment($id, $owner_id); - break; - case 'process': - $gallery->comment_process(); - break; -} +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + @id: $Id$ +*********************************************************/ + +class gallery +{ + /* + Function Name: view + Arguments: (int) id -- ID of user + Purpose: View gallery of user + */ + function view($id) + { + if($id == 0) + { + $error->general('Must be logged in!', 'Tried to access gallery as owner while unauthenticated'); + } + else + { + if($user->is_friend($id)) + { + $_query = 'SELECT img_id FROM '.AS_TBL_IMG.' 
WHERE owner_id = '.$db->qstr($id,get_magic_quotes_gpc()); + $_query = $db->Execute($_query); + $_query = $db->GetArray($_query); + $gallery = new template(AS_DIR_TPL.'gallery.tpl'); + $gallery->set_var('gallery', $_query); + } + } + } + /* + Function Name: drill + Arguments: (int) img_id -- ID of image to view; (int) owner -- ID of image uploader + Purpose: View fullsize image/comments of specific image + */ + function drill( $img_id, $owner ) + { + if( empty( $img_id ) ) + { + $error->general('An image must be specified', 'Tried to access drill without specifying image id'); + } + else + { + if( $user->is_friend($owner) ) + { + $_query = 'SELECT * FROM '.AS_TBL_IMG.' WHERE img_id = '.$db->qstr($img_id,get_magic_quotes_gpc()); + $img = $db->Execute( $_query ); + + $_query = 'SELECT * FROM '.AS_TBL_IMG_CMT.' WHERE image_id = '.$db->qstr($img_id,get_magic_quotes_gpc()); + $img_com = $db->Execute( $_query ); + + $count = $img_com->RecordCount(); + $array = $img_com->GetArray(); + foreach($array[0] as $key_name => $key_value) + { + if (!is_numeric($key_name)) + { + if ($key_value == 'author') + { + $key_value = $user->get_username($key_value); + } + $com[$key_name] = $key_value; + } + } + $img_com->Close(); + $img = $img->GetArray(); + + if ( isset($user->data['user_id']) and $user->data['user_id'] != $img['owner'] ) + { + $img['views']++; + $_query = 'UPDATE '.AS_TBL_IMG." SET views = '" . $views . "' WHERE img_id = '" . $img_id . 
"'"; + $db->query($_query); + } + $drill = new template(AS_TPL.'drill.tpl'); + $drill->set_var('id', $img_id); + $drill->set_var('comments', $com); + $drill->set_var('views', $img['views']); + $drill->set_var('desc', $img['desc']); + $drill->set_var('name', $img['name']); + } + } + } + /* + Function Name: comment + Arguments: (int) id -- Image ID; (int) owner -- Image owner ID + Purpose: Display comment form + */ + function comment($id, $owner) + { + if($user->is_friend($owner)) + { + $form = new template(AS_TPL.'forms/gallery_comment.tpl'); + } + } + /* + Function Name: comment_process + Arguments: none + Purpose: Insert image comment into database + */ + function comment_process() + { + $img_id = $_POST['id']; + $user->add_image_comment($img_id); + } +} + +include('globals.php'); +$gallery =& new gallery(); +$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"]; +$id = empty($_GET["id"]) ? ($user->logged_in() ? $user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]); +switch ($mode) +{ + case 'view': + $gallery->view($id); + break; + case 'drill': + $gallery->drill(mysql_real_escape_string($_GET["img"]), $id); + break; + case 'comment': + $gallery->comment($id, $owner_id); + break; + case 'process': + $gallery->comment_process(); + break; +} ?> \ No newline at end of file Modified: trunk/globals.php =================================================================== --- trunk/globals.php 2007-08-01 22:35:29 UTC (rev 85) +++ trunk/globals.php 2007-08-01 23:32:07 UTC (rev 86) 
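Review bot: `drill()` checks `$user->is_friend($owner)` against an `$owner` that the dispatcher at the bottom takes from `$_GET["id"]`, and then loads the image by `img_id` alone, so the friend check is not tied to the image that is actually shown. Loading the row first and testing `$user->is_friend($img[0]['owner_id'])`, without taking the owner from the request, makes the check follow the image's real uploader. In the same method the view-counter UPDATE uses an undefined `$views` and indexes `$img['owner']` and `$img['views']` on what `GetArray()` returns as a list of rows, and the `comment` case passes an undefined `$owner_id`. The methods also use `$user`, `$db` and `$error` with no `global` declaration, so none of these checks can run as written.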
@@ -1,79 +1,79 @@ -<?php -/******************************************************* - * Copyright (C) 2007 http://p3net.net - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - - @id: $Id$ -*********************************************************/ -/* Include our larger functions */ -require('./config.php'); //We can't include using a constant defined in the file we're including -require(AS_LOC_DIRECT.'functions/template.php'); -$template =& new template(); -require(AS_LOC_DIRECT.'functions/session.php'); -$user =& new session(); -require(AS_LOC_DIRECT.'functions/adodb/adodb.inc.php'); - -/*The smaller ones*/ -class error -{ - /* - Function Name: general - Arguments: (string) err -- Error to be printed; (string) verbose -- Error to be written to error log - Purpose: Display error message and write record of error to log - */ - function general($err, $verbose) - { - $error =& new template(AS_TPL.'messages/error.tpl'); - $error->set('err', $err); - $handle = fopen('logs/errors.txt', 'w'); - if($handle) - { - $entry = "[" . date('d M Y H:i:s') . "][" . $REMOTE_ADDR . "] " . $err . " - " . 
$verbose; - if(!fwrite($handle, $entry)) - { - continue; - } - } - fclose($handle); - exit(); - } -} -class message -{ - /* - Function Name: thank - Arguments: (string) message -- Thank you message; (string) go1 -- Page to proceed to; (string) res1 -- Desc of page; - (string) (optional) go2 -- Second option to proceed to; (string) (optional) res2 -- Desc of second page - Purpose: - */ - function thank($message, $go1, $res1, $go2="", $res2="") - { - $message =& new template(AS_TPL.'message/thank.tpl'); - $message->set_var('go1', $go1); - $message->set_var('go2', $go2); - $message->set_var('res1', $res1); - $message->set_var('res2', $res2); - $message->set_var('message', $message); - } -} - -/* Our functions living in globals.php */ -$error =& new error; -$message =& new message(); - -$db =& new ADOConnection(AS_DB_TYPE); -$db->Connect(AS_DB_HOST, AS_DB_USER, AS_DB_PASS, AS_DB_SCHEMA); +<?php +/******************************************************* + * Copyright (C) 2007 http://p3net.net + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 
+ + @id: $Id$ +*********************************************************/ +/* Include our larger functions */ +require('./config.php'); //We can't include using a constant defined in the file we're including +require(AS_LOC_DIRECT.'functions/template.php'); +$template =& new template(); +require(AS_LOC_DIRECT.'functions/user.php'); +$user =& new user(); +require(AS_LOC_DIRECT.'functions/adodb/adodb.inc.php'); + +/*The smaller ones*/ +class error +{ + /* + Function Name: general + Arguments: (string) err -- Error to be printed; (string) verbose -- Error to be written to error log + Purpose: Display error message and write record of error to log + */ + function general($err, $verbose) + { + $error =& new template(AS_TPL.'messages/error.tpl'); + $error->set('err', $err); + $handle = fopen('logs/errors.txt', 'w'); + if($handle) + { + $entry = "[" . date('d M Y H:i:s') . "][" . $REMOTE_ADDR . "] " . $err . " - " . $verbose; + if(!fwrite($handle, $entry)) + { + continue; + } + } + fclose($handle); + exit(); + } +} +class message +{ + /* + Function Name: thank + Arguments: (string) message -- Thank you message; (string) go1 -- Page to proceed to; (string) res1 -- Desc of page; + (string) (optional) go2 -- Second option to proceed to; (string) (optional) res2 -- Desc of second page + Purpose: + */ + function thank($message, $go1, $res1, $go2="", $res2="") + { + $message =& new template(AS_TPL.'message/thank.tpl'); + $message->set_var('go1', $go1); + $message->set_var('go2', $go2); + $message->set_var('res1', $res1); + $message->set_var('res2', $res2); + $message->set_var('message', $message); + } +} + +/* Our functions living in globals.php */ +$error =& new error; +$message =& new message(); + +$db =& new ADOConnection(AS_DB_TYPE); +$db->Connect(AS_DB_HOST, AS_DB_USER, AS_DB_PASS, AS_DB_SCHEMA); ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
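Review bot: `error::general()` opens `logs/errors.txt` with mode `'w'`, so every call truncates the file and only the most recent error survives; a log meant as an audit trail should use `fopen('logs/errors.txt', 'a')` and end each entry with a newline. The entry also reads `$REMOTE_ADDR`, which is an undefined local inside the method; `$_SERVER['REMOTE_ADDR']` is what user.php in this thread already uses. `fclose($handle)` is reached even when `fopen()` failed, and the `continue` inside the `fwrite` check is not within a loop. Callers in user.php pass request-derived text in `$verbose`, so stripping CR/LF before writing keeps one error to one line.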
From: <p3...@us...> - 2007-08-01 23:42:24
Revision: 89 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=89&view=rev Author: p3net Date: 2007-08-01 16:42:24 -0700 (Wed, 01 Aug 2007) Log Message: ----------- Add user_level to users table to see if user is an admin or not. Modified Paths: -------------- trunk/develop/new-schema.sql trunk/functions/user.php Modified: trunk/develop/new-schema.sql =================================================================== --- trunk/develop/new-schema.sql 2007-08-01 23:36:20 UTC (rev 88) +++ trunk/develop/new-schema.sql 2007-08-01 23:42:24 UTC (rev 89) 
@@ -1,156 +1,157 @@ -DROP TABLE IF EXISTS `as_actions`; -CREATE TABLE `as_actions` ( - `action_id` int(10) unsigned NOT NULL auto_increment, - `action_timestamp` int(10) unsigned NOT NULL, - `action` int(2) unsigned NOT NULL, - `for` int(11) unsigned NOT NULL, - PRIMARY KEY (`action_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_blog`; -CREATE TABLE `as_blog` ( - `blog_id` int(10) unsigned NOT NULL auto_increment, - `title` varchar(45) NOT NULL, - `blog_timestamp` int(10) unsigned NOT NULL, - `content` text NOT NULL, - `author_id` int(11) unsigned NOT NULL, - PRIMARY KEY (`blog_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_blog_comment`; -CREATE TABLE `as_blog_comment` ( - `comment_id` int(10) unsigned NOT NULL auto_increment, - `post_id` int(10) unsigned NOT NULL, - `author_id` int(10) unsigned NOT NULL, - `comment` text NOT NULL, - `post_timestamp` int(10) unsigned NOT NULL, - PRIMARY KEY (`comment_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_comments`; -CREATE TABLE `as_comments` ( - `comment_id` int(10) unsigned NOT NULL auto_increment, - `comment_timestamp` int(10) unsigned NOT NULL, - `poster_id` int(11) unsigned NOT NULL, - `recipient_id` int(11) unsigned NOT NULL, - `comment` text NOT NULL, - PRIMARY KEY (`comment_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; - -DROP TABLE IF EXISTS `as_friends`; -CREATE TABLE `as_friends` ( - `couple_id` int(10) unsigned NOT NULL auto_increment, - `user1_id` int(10) unsigned NOT NULL, - `user2_id` int(10) unsigned NOT NULL, - `accepted` tinyint(1) unsigned NOT NULL, - PRIMARY KEY (`couple_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; - -DROP TABLE IF EXISTS `as_group_resolver`; -CREATE TABLE `as_group_resolver` ( - `pair_id` int(10) unsigned NOT NULL auto_increment, - `user_id` int(10) unsigned NOT NULL, - `group_id` int(10) unsigned NOT NULL, - `join_date` int(10) unsigned NOT NULL COMMENT 'Unix 
timestamp', - PRIMARY KEY (`pair_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; - -DROP TABLE IF EXISTS `as_groups`; -CREATE TABLE `as_groups` ( - `group_id` int(10) unsigned NOT NULL auto_increment, - `name` varchar(45) NOT NULL, - `founder` int(11) unsigned NOT NULL, - `create_timestamp` int(10) unsigned NOT NULL, - PRIMARY KEY (`group_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; - -DROP TABLE IF EXISTS `as_image_comments`; -CREATE TABLE `as_image_comments` ( - `comment_id` int(10) unsigned NOT NULL auto_increment, - `image_id` int(11) unsigned NOT NULL, - `post_timestamp` int(10) unsigned NOT NULL, - `author` int(11) unsigned NOT NULL, - `comment` text NOT NULL, - PRIMARY KEY (`comment_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_images`; -CREATE TABLE `as_images` ( - `img_id` int(10) unsigned NOT NULL auto_increment, - `owner_id` int(10) unsigned NOT NULL, - `content` blob NOT NULL COMMENT 'binary image', - `desc` text NOT NULL, - `width` int(4) unsigned NOT NULL, - `height` int(4) unsigned NOT NULL, - `name` text NOT NULL, - `views` int(6) unsigned NOT NULL, - `mime_type` varchar(20) NOT NULL, - PRIMARY KEY (`img_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_private_messages`; -CREATE TABLE `as_private_messages` ( - `message_id` int(10) unsigned NOT NULL auto_increment, - `sender_id` int(11) unsigned NOT NULL, - `recipient_id` int(11) unsigned NOT NULL, - `send_date` int(10) unsigned NOT NULL, - `subject` varchar(80) NOT NULL, - `message` text NOT NULL, - `read` tinyint(1) unsigned NOT NULL default '0', - PRIMARY KEY (`message_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_sessions`; -CREATE TABLE `as_sessions` ( - `session_id` int(10) unsigned NOT NULL auto_increment, - `user_id` int(11) unsigned NOT NULL, - `ip` varchar(12) NOT NULL, - `last_update` int(10) unsigned NOT NULL, - PRIMARY KEY (`session_id`) -) ENGINE=MyISAM DEFAULT 
CHARSET=latin1 ROW_FORMAT=DYNAMIC; - -DROP TABLE IF EXISTS `as_users`; -CREATE TABLE `as_users` ( - `user_id` int(10) unsigned NOT NULL auto_increment, - `password` varchar(16) NOT NULL, - `join_date` int(10) unsigned NOT NULL COMMENT 'Unix timestamp', - `last_login` int(10) unsigned NOT NULL COMMENT 'Unix timestamp', - `time_offset` tinyint(3) unsigned NOT NULL, - `email` varchar(60) NOT NULL, - `privacy` tinyint(1) unsigned NOT NULL default '0', - PRIMARY KEY (`user_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_static_profile_fields`; -CREATE TABLE `as_static_profile_fields` ( - `static_profile_field_id` int(10) unsigned NOT NULL auto_increment, - `user_id` int(10) unsigned NOT NULL, - `display_name` varchar(45) NOT NULL, - `blurb` text NOT NULL, - `aim` varchar(45) NOT NULL, - `yim` varchar(45) NOT NULL, - `jabber` varchar(45) NOT NULL, - `irc` varchar(45) NOT NULL, - `icq` varchar(45) NOT NULL, - `msn` varchar(45) NOT NULL, - `user_image` int(11) unsigned NOT NULL, - PRIMARY KEY (`static_profile_field_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - - -DROP TABLE IF EXISTS `as_dynamic_profile_fields`; -CREATE TABLE `as_dynamic_profile_fields` ( - `dynamic_profile_field_id` int(10) unsigned NOT NULL auto_increment, - `field_name` varchar(128) NOT NULL default 'new field', - `field_description` varchar(128), - PRIMARY KEY (`dynamic_profile_field_id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - -DROP TABLE IF EXISTS `as_dynamic_profile_values`; -CREATE TABLE `as_dynamic_profile_values` ( - `dynamic_profile_field_id` int(10) unsigned NOT NULL auto_increment, - `user_id` int(10) unsigned NOT NULL, - `field_name` varchar(128) NOT NULL default 'new field', - `field_value` varchar(128), -) ENGINE=MyISAM DEFAULT CHARSET=latin1; - +DROP TABLE IF EXISTS `as_actions`; +CREATE TABLE `as_actions` ( + `action_id` int(10) unsigned NOT NULL auto_increment, + `action_timestamp` int(10) unsigned NOT NULL, + `action` int(2) unsigned NOT NULL, + `for` 
int(11) unsigned NOT NULL, + PRIMARY KEY (`action_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_blog`; +CREATE TABLE `as_blog` ( + `blog_id` int(10) unsigned NOT NULL auto_increment, + `title` varchar(45) NOT NULL, + `blog_timestamp` int(10) unsigned NOT NULL, + `content` text NOT NULL, + `author_id` int(11) unsigned NOT NULL, + PRIMARY KEY (`blog_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_blog_comment`; +CREATE TABLE `as_blog_comment` ( + `comment_id` int(10) unsigned NOT NULL auto_increment, + `post_id` int(10) unsigned NOT NULL, + `author_id` int(10) unsigned NOT NULL, + `comment` text NOT NULL, + `post_timestamp` int(10) unsigned NOT NULL, + PRIMARY KEY (`comment_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_comments`; +CREATE TABLE `as_comments` ( + `comment_id` int(10) unsigned NOT NULL auto_increment, + `comment_timestamp` int(10) unsigned NOT NULL, + `poster_id` int(11) unsigned NOT NULL, + `recipient_id` int(11) unsigned NOT NULL, + `comment` text NOT NULL, + PRIMARY KEY (`comment_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; + +DROP TABLE IF EXISTS `as_friends`; +CREATE TABLE `as_friends` ( + `couple_id` int(10) unsigned NOT NULL auto_increment, + `user1_id` int(10) unsigned NOT NULL, + `user2_id` int(10) unsigned NOT NULL, + `accepted` tinyint(1) unsigned NOT NULL, + PRIMARY KEY (`couple_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; + +DROP TABLE IF EXISTS `as_group_resolver`; +CREATE TABLE `as_group_resolver` ( + `pair_id` int(10) unsigned NOT NULL auto_increment, + `user_id` int(10) unsigned NOT NULL, + `group_id` int(10) unsigned NOT NULL, + `join_date` int(10) unsigned NOT NULL COMMENT 'Unix timestamp', + PRIMARY KEY (`pair_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; + +DROP TABLE IF EXISTS `as_groups`; +CREATE TABLE `as_groups` ( + `group_id` int(10) unsigned NOT NULL auto_increment, + `name` varchar(45) 
NOT NULL, + `founder` int(11) unsigned NOT NULL, + `create_timestamp` int(10) unsigned NOT NULL, + PRIMARY KEY (`group_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; + +DROP TABLE IF EXISTS `as_image_comments`; +CREATE TABLE `as_image_comments` ( + `comment_id` int(10) unsigned NOT NULL auto_increment, + `image_id` int(11) unsigned NOT NULL, + `post_timestamp` int(10) unsigned NOT NULL, + `author` int(11) unsigned NOT NULL, + `comment` text NOT NULL, + PRIMARY KEY (`comment_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_images`; +CREATE TABLE `as_images` ( + `img_id` int(10) unsigned NOT NULL auto_increment, + `owner_id` int(10) unsigned NOT NULL, + `content` blob NOT NULL COMMENT 'binary image', + `desc` text NOT NULL, + `width` int(4) unsigned NOT NULL, + `height` int(4) unsigned NOT NULL, + `name` text NOT NULL, + `views` int(6) unsigned NOT NULL, + `mime_type` varchar(20) NOT NULL, + PRIMARY KEY (`img_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_private_messages`; +CREATE TABLE `as_private_messages` ( + `message_id` int(10) unsigned NOT NULL auto_increment, + `sender_id` int(11) unsigned NOT NULL, + `recipient_id` int(11) unsigned NOT NULL, + `send_date` int(10) unsigned NOT NULL, + `subject` varchar(80) NOT NULL, + `message` text NOT NULL, + `read` tinyint(1) unsigned NOT NULL default '0', + PRIMARY KEY (`message_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_sessions`; +CREATE TABLE `as_sessions` ( + `session_id` int(10) unsigned NOT NULL auto_increment, + `user_id` int(11) unsigned NOT NULL, + `ip` varchar(12) NOT NULL, + `last_update` int(10) unsigned NOT NULL, + PRIMARY KEY (`session_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; + +DROP TABLE IF EXISTS `as_users`; +CREATE TABLE `as_users` ( + `user_id` int(10) unsigned NOT NULL auto_increment, + `password` varchar(16) NOT NULL, + `join_date` int(10) unsigned NOT NULL COMMENT 'Unix 
timestamp', + `last_login` int(10) unsigned NOT NULL COMMENT 'Unix timestamp', + `time_offset` tinyint(3) unsigned NOT NULL, + `email` varchar(60) NOT NULL, + `privacy` tinyint(1) unsigned NOT NULL default '0', + `user_level` tinyint(1) unsigned NOT NULL default '0', + PRIMARY KEY (`user_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_static_profile_fields`; +CREATE TABLE `as_static_profile_fields` ( + `static_profile_field_id` int(10) unsigned NOT NULL auto_increment, + `user_id` int(10) unsigned NOT NULL, + `display_name` varchar(45) NOT NULL, + `blurb` text NOT NULL, + `aim` varchar(45) NOT NULL, + `yim` varchar(45) NOT NULL, + `jabber` varchar(45) NOT NULL, + `irc` varchar(45) NOT NULL, + `icq` varchar(45) NOT NULL, + `msn` varchar(45) NOT NULL, + `user_image` int(11) unsigned NOT NULL, + PRIMARY KEY (`static_profile_field_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + + +DROP TABLE IF EXISTS `as_dynamic_profile_fields`; +CREATE TABLE `as_dynamic_profile_fields` ( + `dynamic_profile_field_id` int(10) unsigned NOT NULL auto_increment, + `field_name` varchar(128) NOT NULL default 'new field', + `field_description` varchar(128), + PRIMARY KEY (`dynamic_profile_field_id`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + +DROP TABLE IF EXISTS `as_dynamic_profile_values`; +CREATE TABLE `as_dynamic_profile_values` ( + `dynamic_profile_field_id` int(10) unsigned NOT NULL auto_increment, + `user_id` int(10) unsigned NOT NULL, + `field_name` varchar(128) NOT NULL default 'new field', + `field_value` varchar(128), +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + Modified: trunk/functions/user.php =================================================================== --- trunk/functions/user.php 2007-08-01 23:36:20 UTC (rev 88) +++ trunk/functions/user.php 2007-08-01 23:42:24 UTC (rev 89) 
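Review bot: The `password` column in `as_users` is `varchar(16)`, which is too narrow for any password hash (an MD5 hex digest alone is 32 characters), so either the value is truncated on insert or passwords are stored unhashed; the code that writes it is not visible here. Widen it, e.g. `password varchar(255) NOT NULL`, so a salted hash fits. `ip varchar(12)` in `as_sessions` has the same problem: a dotted IPv4 address needs up to 15 characters, and user.php compares the stored `ip` when logging out. The last table, `as_dynamic_profile_values`, ends its column list with a trailing comma and declares an `auto_increment` column without a key, so the file will not load as written.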
@@ -424,5 +424,28 @@ $time = $time + $diff; return date('m/d/Y G:i:s', $time); } + function is_admin() + { + if($session->logged_in()) + { + $_query="SELECT `user_level` FROM " . AS_TBL_USERS . " WHERE `user_id`='" . $user->data['user_id'] . "'"; + $db->Execute($_query); + + $res = $db->FetchArray($_query); + $res = $res['user_leve']; + if($res == 1) + { + return true; + } + else + { + return false; + } + } + else + { + return false; + } + } } ?> \ No newline at end of file This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
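Review bot: `is_admin()` can never return true as written: it reads `$res['user_leve']`, a misspelling of the `user_level` column, so the `== 1` test always fails. `$session`, `$user` and `$db` are used without a `global` declaration or `$this`, so they are undefined inside the method, and `$db->FetchArray($_query)` is handed the SQL string while the result of `$db->Execute($_query)` is discarded. Keep the recordset and test it, e.g. `$rs = $db->Execute($_query);` followed by `return $rs !== false && $rs->fields[0] == 1;`. The enclosing class starts outside the hunk, so how the other methods obtain `$db` is not visible here.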
From: <del...@us...> - 2007-08-04 00:18:42
Revision: 91 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=91&view=rev Author: deltalabs Date: 2007-08-03 17:18:45 -0700 (Fri, 03 Aug 2007) Log Message: ----------- had to add the constant for the static_profile_fields table to config.php, and finished fitting the queries in user.php to the new schema. I also added the `who` field to the actions table in the schema Modified Paths: -------------- trunk/config.php trunk/develop/new-schema.sql trunk/functions/user.php Modified: trunk/config.php =================================================================== --- trunk/config.php 2007-08-03 23:08:43 UTC (rev 90) +++ trunk/config.php 2007-08-04 00:18:45 UTC (rev 91) @@ -21,6 +21,7 @@ from functioning. */ define('AS_TBL_USERS', AS_DB_PREFIX.'users'); +define('AS_TBL_STATIC_PROFILE_FIELDS', AS_DB_PREFIX.'static_profile_fields'); define('AS_TBL_BLOG', AS_DB_PREFIX.'blog'); define('AS_TBL_BLOG_CMT', AS_DB_PREFIX.'blog_comment'); define('AS_TBL_COMMENTS', AS_DB_PREFIX.'comments'); Modified: trunk/develop/new-schema.sql =================================================================== --- trunk/develop/new-schema.sql 2007-08-03 23:08:43 UTC (rev 90) +++ trunk/develop/new-schema.sql 2007-08-04 00:18:45 UTC (rev 91) @@ -1,6 +1,7 @@ DROP TABLE IF EXISTS `as_actions`; CREATE TABLE `as_actions` ( `action_id` int(10) unsigned NOT NULL auto_increment, + `who` int(11) unsigned NOT NULL, `action_timestamp` int(10) unsigned NOT NULL, `action` int(2) unsigned NOT NULL, `for` int(11) unsigned NOT NULL, Modified: trunk/functions/user.php =================================================================== --- trunk/functions/user.php 2007-08-03 23:08:43 UTC (rev 90) +++ trunk/functions/user.php 2007-08-04 00:18:45 UTC (rev 91) 
@@ -30,10 +30,10 @@ /* We don't have a session and aren't logged in. Let's create it */ $id = md5(time() . rand(1,1000)); /* Check to make sure it's unique */ - $_query = 'INSERT INTO '.AS_TBL_SESSION.' (id, user_id, ip, last_update) VALUES(' . $id . ','.$db->qstr('-1').',' . $db->qstr($_SERVER['REMOTE_ADDR']) . ',' . time() . ')'; + $_query = 'INSERT INTO '.AS_TBL_SESSION.' (session_id, user_id, ip, last_update) VALUES(' . $id . ','.$db->qstr('-1').',' . $db->qstr($_SERVER['REMOTE_ADDR']) . ',' . time() . ')'; if ($db->Execute($_query) === false) { - $error->general('<b>DB Error!</b>', 'session.php - create(): '.$db->ErrorMsg()); + $error->general('<b>DB Error!</b>', 'user.php - create(): '.$db->ErrorMsg()); return false; } $_COOKIE['session_id'] = $id; @@ -74,7 +74,7 @@ } } /* Update our updated time */ - $_query = 'UPDATE '.AS_TBL_SESSION.' SET last_update = ' . time() . ' WHERE id = ' . $user->data['id'] . ' LIMIT 1'; + $_query = 'UPDATE '.AS_TBL_SESSION.' SET last_update = ' . time() . ' WHERE session_id = ' . $user->data['id'] . ' LIMIT 1'; if ($db->Execute($_query) === false) { $error->general('<b>DB Error!</b>', 'session.php - check(): '.$db->ErrorMsg()); @@ -126,10 +126,10 @@ } else { - $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = ' . $user_id . ' WHERE id = ' . $db->qstr($_COOKIE["session_id"]) . ' LIMIT 1'; + $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = ' . $user_id . ' WHERE session_id = ' . $db->qstr($_COOKIE["session_id"]) . ' LIMIT 1'; if ($db->Execute($_query) === false) { - $error->general('<b>DB Error!</b>', 'session.php - login(): '.$db->ErrorMsg()); + $error->general('<b>DB Error!</b>', 'user.php - login(): '.$db->ErrorMsg()); return false; } /* Run the session check again. It'll make the row and populate $user->data */ 
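Review bot: The session id built as `md5(time() . rand(1,1000))` comes from the clock and a 1-in-1000 value, which makes it guessable, and the "Check to make sure it's unique" comment is not followed by any check. Generate it from a cryptographically secure source (`bin2hex(random_bytes(16))` on current PHP) and quote it in the INSERT with `$db->qstr($id)`, since the hex string is concatenated bare into `VALUES(`. The schema in this thread declares `session_id` as `int(10) unsigned auto_increment`, which cannot hold a 32-character id, so the column type has to change with it. The same unquoted concatenation, there of `$user->data['id']`, appears in the `@@ -74,7` and `@@ -145,7` hunks. The enclosing function starts outside the hunk.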
@@ -145,7 +145,7 @@ { if($session->logged_in()) { - $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = '.$db->qstr('-1').' WHERE id = ' . $user->data['id'] . ' AND ip = ' . $db->qstr($user->data['ip']) . ' LIMIT 1'; + $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = '.$db->qstr('-1').' WHERE session_id = ' . $user->data['id'] . ' AND ip = ' . $db->qstr($user->data['ip']) . ' LIMIT 1'; $db->query($_query); $user->data = null; } @@ -172,7 +172,7 @@ } else { - $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_1 = ' . $user->data['user_id'] . ' AND party_2 = ' . $id . ' AND accepted = 1'; + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE user1_id = ' . $user->data['user_id'] . ' AND user2_id = ' . $id . ' AND accepted = 1'; $_query = $db->Execute($_query); if($_query->fields[0] > 0) { @@ -180,7 +180,7 @@ } else { - $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_2 = ' . $user->data['user_id'] . ' AND party_1 = ' . $id . ' AND accepted = 1'; + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE user2_id = ' . $user->data['user_id'] . ' AND user2_id = ' . $id . ' AND accepted = 1'; $_query = $db->Execute($_query); if($_query->fields[0] > 0) { @@ -221,7 +221,7 @@ 7. Left you a comment on a blog post 8. Joined a group 9. Created a group */ - $_query = 'INSERT INTO '.AS_TBL_ACTION.' (time, who, action, for) VALUES(' . time() . ',' . $user->data['user_id'] . ', ' . $action . ', ' . $who . ')'; + $_query = 'INSERT INTO '.AS_TBL_ACTION.' (action_timestamp, who, action, for) VALUES(' . time() . ',' . $user->data['user_id'] . ', ' . $action . ', ' . $who . ')'; $db->query($_query); return true; } @@ -250,7 +250,7 @@ } else { - $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE (party_1 = ' . $user->data['user_id'] . ' AND party_2 = ' . $id; + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE (user1_id = ' . $user->data['user_id'] . ' AND user2_id = ' . $id; $_query = $db->query($_query); if ($_query->fields[0] > 0) { 
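Review bot: The reverse lookup in the `@@ -180,7` hunk tests `user2_id` twice (`WHERE user2_id = ... AND user2_id = $id`), so it only matches when both ids are equal and a friendship stored in the other direction is never found. The second condition should read `' AND user1_id = ' . $id`. The `@@ -258,7` hunk has the mirror-image slip with `user1_id` on both sides and needs `user2_id` as its first column. This looks like the check behind `is_friend()`, which gates gallery and comment access, so a wrong answer here is an authorization error rather than a cosmetic one; the function header is outside the hunk.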
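Review bot: `for` is a reserved word in MySQL and is listed bare in the column list of the `@@ -221,7` hunk, so this INSERT will be rejected; the schema file quotes it with backticks. Write the list as ``(action_timestamp, who, action, `for`)`` or rename the column. `$action` and `$who` are concatenated without `qstr()` or a numeric check in the visible lines; the start of the function is outside the hunk, so validation may exist above.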
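Review bot: The query in the `@@ -250,7` hunk opens a parenthesis after `WHERE` that is never closed (`WHERE (user1_id = ... AND user2_id = ' . $id;`), so the statement does not parse. Drop the `(` or append `. ')'`. The result is then read with `$_query->fields[0]` without checking that `query()` returned a recordset, so the failure shows up as a call on a non-object instead of going through `$error->general()`.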
@@ -258,7 +258,7 @@ } else { - $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_2 = ' . $user->data['user_id'] . ' AND party_1 = ' . $id; + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE user1_id = ' . $user->data['user_id'] . ' AND user1_id = ' . $id; $_query = $db->Execute($_query); if ($_query->fields[0] > 0) { @@ -290,7 +290,7 @@ $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } - $_query= 'UPDATE '.AS_TBL_FRIEND.' SET accepted = 1 WHERE party_2 = '.$data->user['user_id'].' AND party_1 = '.$id.' LIMIT 1'; + $_query= 'UPDATE '.AS_TBL_FRIEND.' SET accepted = 1 WHERE user2_id = '.$data->user['user_id'].' AND user1_id = '.$id.' LIMIT 1'; $db->query($_query); $user->action(5, $id); } @@ -308,7 +308,7 @@ } /*We're simply checking whether or not we have the permissions to view this space */ /*First we need to figure out what the space privacy setting is*/ - $_query = 'SELECT privacy FROM '.AS_TBL_USER.' WHERE id = ' . $id . ' LIMIT 1'; + $_query = 'SELECT privacy FROM '.AS_TBL_USER.' WHERE user_id = ' . $id . ' LIMIT 1'; $_query = $db->Execute($_query); $_query = $db->GetArray($_query); $res = $_query[0]['privacy']; @@ -414,7 +414,7 @@ $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } - $_query = 'SELECT display_name FROM '.AS_TBL_USER.' WHERE id = ' . $id; + $_query = 'SELECT display_name FROM '.AS_TBL_STATIC_PROFILE_FIELDS.' WHERE static_profile_field_id = ' . $id; $_query = $db->Execute($_query); $res = $db->GetArray($_query); return $res[0]['display_name']; 
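Review bot: The UPDATE in the `@@ -290,7` hunk reads `$data->user['user_id']`, but every other query in this file uses `$user->data['user_id']`; `$data` is not defined in the visible lines, so the `user2_id` comparison is built from an empty value and the request is never accepted. Use `$user->data['user_id']`. The function starts outside the hunk.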
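Review bot: The lookup in the `@@ -414,7` hunk now filters on `static_profile_field_id = $id`, yet the check just above validates `$id` as a user id and the schema gives `as_static_profile_fields` its own `user_id` column. Unless the two ids always coincide, this returns another account's display name; `' WHERE user_id = ' . $id` matches the intent. `$res[0]` is also read without checking for an empty result.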
@@ -432,13 +432,13 @@ return false; } - $owner = 'SELECT owner_id FROM '.AS_TBL_IMG.' WHERE id = ' . $id; + $owner = 'SELECT owner_id FROM '.AS_TBL_IMG.' WHERE img_id = ' . $id; $owner = $db->query($owner); $owner = $db->fetch_array($owner); $owner = $owner['owner']; if ($session->is_friend($owner)) { - $_query = 'INSERT INTO '.AS_TBL_IMG_CMT.' (image_id, post_timestamp, author, comment) VALUES('. $id . ',' . time() . ',' . $user->data['user_id'] . ',' . $db->qstr($_POST['comment'],get_magic_quotes_gpc()) . ')'; + $_query = 'INSERT INTO '.AS_TBL_IMG_CMT.' (img_id, post_timestamp, author, comment) VALUES('. $id . ',' . time() . ',' . $user->data['user_id'] . ',' . $db->qstr($_POST['comment'],get_magic_quotes_gpc()) . ')'; if ($db->Execute($_query) === false) { $error->general('<b>DB Error!</b>', 'session.php - add_img_comment(): '.$db->ErrorMsg()); @@ -447,6 +447,26 @@ } } /* + Function Name: is_in_group + Arguments: (int) user_id -- id of user, (int) grp_id -- id of group + Purpose: check to see whether or not user is part of a particular group + */ + function is_in_group ($user_id, $grp_id) + { + if (!is_numeric($user_id) and $user_id != null) + { + $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + else if (!is_numeric($grp_id) and $grp_id != null) + { + $error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + /* Work in progress... */ + } + /* Function Name: generate_timestamp Arguments: (int) time -- time to parse Purpose: Generate datestamp of time passed, taking user's time offset into consideration 
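Review bot: The INSERT now names the column `img_id`, but `as_image_comments` in new-schema.sql calls it `image_id` (and gallery.php selects on `image_id`), so the renamed query will fail. The owner lookup selects `owner_id` and then reads `$owner['owner']`, so the value passed to `is_friend()` is always null and the friend check is not applied to the real owner; read `$owner['owner_id']`. `$id` reaches both queries by concatenation and originates from `$_POST['id']` in gallery.php; the validation above the hunk is not visible, so confirm it is numeric before use.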
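Review bot: Both error messages in the new `is_in_group()` interpolate `$id`, which is not a parameter of this function (`$user_id` and `$grp_id` are), so the log entry records an empty input value. Use the variable being validated, e.g. `$grp_id` in the group branch. The guard `!is_numeric($grp_id) and $grp_id != null` also lets null and the empty string through as valid ids, which matters once the value is concatenated into a query.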
@@ -461,7 +481,7 @@ if($session->logged_in()) { - $_query = 'SELECT time_offset FROM '.AS_TBL_USER.' WHERE id = ' . $user->data['user_id']; + $_query = 'SELECT time_offset FROM '.AS_TBL_USER.' WHERE user_id = ' . $user->data['user_id']; $_query = $db->Execute($_query); $_query = $query->GetArray($_query); $offset = $_query[0]['time_offset']; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
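Review bot: `$query->GetArray($_query)` calls a method on `$query`, which is never assigned in the visible lines; the recordset is in `$_query`. Use `$_query = $_query->GetArray();` so that `$_query[0]['time_offset']` is populated. `$session` and `$db` are also used here without a visible `global` or `$this`; the function starts outside the hunk.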
From: <del...@us...> - 2007-08-05 03:43:56
Revision: 92 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=92&view=rev Author: deltalabs Date: 2007-08-04 20:43:57 -0700 (Sat, 04 Aug 2007) Log Message: ----------- Finished groups and added a description field to the group table. Modified Paths: -------------- trunk/develop/new-schema.sql trunk/functions/user.php Modified: trunk/develop/new-schema.sql =================================================================== --- trunk/develop/new-schema.sql 2007-08-04 00:18:45 UTC (rev 91) +++ trunk/develop/new-schema.sql 2007-08-05 03:43:57 UTC (rev 92) @@ -60,6 +60,7 @@ CREATE TABLE `as_groups` ( `group_id` int(10) unsigned NOT NULL auto_increment, `name` varchar(45) NOT NULL, + `desc` text NOT NULL, `founder` int(11) unsigned NOT NULL, `create_timestamp` int(10) unsigned NOT NULL, PRIMARY KEY (`group_id`) Modified: trunk/functions/user.php =================================================================== --- trunk/functions/user.php 2007-08-04 00:18:45 UTC (rev 91) +++ trunk/functions/user.php 2007-08-05 03:43:57 UTC (rev 92) 
@@ -448,25 +448,192 @@ } /* Function Name: is_in_group - Arguments: (int) user_id -- id of user, (int) grp_id -- id of group + Arguments: (int) grp_id -- id of group Purpose: check to see whether or not user is part of a particular group */ - function is_in_group ($user_id, $grp_id) + function is_in_group ($grp_id) { - if (!is_numeric($user_id) and $user_id != null) + if (!is_numeric($grp_id) and $grp_id != null) { - $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + $error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } - else if (!is_numeric($grp_id) and $grp_id != null) + + $_query = 'SELECT pair_id FROM '.AS_TBL_GRPRES.' WHERE user_id = ' . $user->data['user_id'] . ' AND group_id = ' . $grp_id; + $res = $db->GetArray($db->Execute($_query)); + if (count($res) > 0) { + return true; + } + return false; + } + /* + Function Name: join_group + Arguments: (int) grp_id -- id of group + Purpose: join a group + */ + function join_group ($grp_id) + { + if (!is_numeric($grp_id) and $grp_id != null) + { $error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); return false; } + + $_query = 'INSERT INTO ' . AS_TBL_GRPRES . ' (user_id, group_id, join_date) VALUES (' + . $user->data['user_id'] . ', ' . $grp_id . ', ' . ', ' . time(). ')'; + if ($db->Execute($_query) === false) + { + $error->general('Problem joining group', 'Unknown problem joining group: ' . $db->ErrorMsg()); + return false; + } + } + /* + Function Name: leave_group + Arguments: (int) grp_id -- id of group + Purpose: leave a group + */ + function leave_group ($grp_id) + { + if (!is_numeric($grp_id) and $grp_id != null) + { + $error->general('Invalid groupID', "Invalid groupID = Possible hack! 
Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + $_query = 'DELETE FROM ' . AS_TBL_GRPRES . ' WHERE user_id = ' + . $user->data['user_id'] . ' AND group_id = ' . $grp_id; + if ($db->Execute($_query) === false) + { + $error->general('Problem leaving group', 'Unknown problem leaving group: ' . $db->ErrorMsg()); + return false; + } + } + /* + Function Name: kick_from_group + Arguments: (int) grp_id -- id of group, (int) user_id -- id of user to kick + Purpose: forcefully remove a user from your group + */ + function kick_from_group ($grp_id, $user_id) + { + $_query = 'SELECT founder FROM ' . AS_TBL_GRP . ' WHERE founder = ' . $user->data['user_id']; + $_query = $db->Execute($_query); + $res = $db->GetArray($_query); + $founder_id = $res[0]['founder']; - /* Work in progress... */ + if ($user->data['user_id'] == $founder_id) + { + if (!is_numeric($grp_id) and $grp_id != null) + { + $error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + else if (!is_numeric($user_id) and $user_id != null) + { + $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + $_query = 'DELETE FROM ' . AS_TBL_GRPRES . ' WHERE group_id = ' . $grp_id . ' AND user_id = ' . $user_id; + if ($db->Execute($_query) === false) + { + $error->general('Failed to kick user', 'Unknown problem removing user from group: ' . $db->ErrorMsg()); + return false; + } + return true; + } } /* + Function Name: create_group + Arguments: (string) name -- name of group, (string) desc -- description of the group + Purpose: create a group + */ + function create_group ($name, $desc) + { + if (!is_numeric($grp_id) and $grp_id != null) + { + $error->general('Invalid groupID', "Invalid groupID = Possible hack! 
Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + $_query = 'INSERT INTO ' . AS_TBL_GRPS . ' (name, desc, founder, create_timestamp) VALUES ' + . '(' . $db->qstr($name) . ', ' . $db->qstr($desc) . ', ' . $user->data['user_id'] . ', ' . time() . ')'; + if ($db->Execute($_query) === false) + { + $error->general('Problem creating group', 'Unknown problem creating group: ' . $db->ErrorMsg()); + return false; + } + return true; + } + /* + Function Name: edit_group + Arguments: (int) grp_id, id of the group to edit, (string) new_name -- new name of group, (string) desc -- new description of the group + Purpose: modify a group + */ + function edit_group ($grp_id, $new_name, $new_desc) + { + $_query = 'SELECT founder FROM ' . AS_TBL_GRP . ' WHERE founder = ' . $user->data['user_id']; + $_query = $db->Execute($_query); + $res = $db->GetArray($_query); + $founder_id = $res[0]['founder']; + + if ($user->data['user_id'] == $founder_id) + { + if (!is_numeric($grp_id) and $grp_id != null) + { + $error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + $_query = 'UPDATE ' . AS_TBL_GRPS . ' SET name = ' . $db->qstr($new_name) . ', desc = ' . $db->qstr($new_desc) + . ' WHERE group_id = ' . $grp_id; + if ($db->Execute($_query) === false) + { + $error->general('Problem editing group', 'Unknown problem editing group: ' . $db->ErrorMsg()); + return false; + } + return true; + } + else + { + $error->general('Problem editing group', "You don't have permission to edit this group!"); + return false; + } + } + /* + Function Name: delete_group + Arguments: (int) grp_id + Purpose: remove an existing group + */ + function delete_group ($grp_id) + { + $_query = 'SELECT founder FROM ' . AS_TBL_GRP . ' WHERE founder = ' . 
$user->data['user_id']; + $_query = $db->Execute($_query); + $res = $db->GetArray($_query); + $founder_id = $res[0]['founder']; + if ($user->data['user_id'] == $founder_id) + { + if (!is_numeric($grp_id) and $grp_id != null) + { + $error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + $_query = 'DELETE FROM ' . AS_TBL_GRPS . ' WHERE group_id = ' . $grp_id; + if ($db->Execute($_query) === false) + { + $error->general('Problem deleting group', 'Unknown problem deleting group: ' . $db->ErrorMsg()); + return false; + } + return true; + } + else + { + $error->general('Problem deleting group', "You don't have permission to delete this group!"); + return false; + } + } + /* Function Name: generate_timestamp Arguments: (int) time -- time to parse Purpose: Generate datestamp of time passed, taking user's time offset into consideration This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
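Review bot: The founder check in `kick_from_group`, `edit_group` and `delete_group` is not scoped to the group being changed: `SELECT founder FROM AS_TBL_GRP WHERE founder = <current user>` returns a row for anyone who has founded any group, so the following `$user->data['user_id'] == $founder_id` comparison passes and the DELETE or UPDATE then runs against whatever `$grp_id` was passed in. The lookup should select by group, for example ending in `' WHERE group_id = ' . (int) $grp_id`, and the `$grp_id`/`$user_id` validation should run before that query rather than inside the `if`. Separately, `create_group` validates `$grp_id`, which is not one of its parameters, and `join_group` concatenates `', ' . ', '` between the group id and `time()`, which leaves an empty entry in a VALUES list that names only three columns. `create_group` and `edit_group` also write the column name desc unquoted, while the schema change in this same commit backticks it; DESC is a reserved word in MySQL, so both statements need the same quoting.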