Thread: [Comoblog-commit] comoblog/include config.inc.php, 1.3, 1.4 libraries.inc.php, 1.10, 1.11
Status: Inactive
Brought to you by:
markwallis
Menu
▾
▴
comoblog-commit
|
From: iamdecal <iam...@us...> - 2006-08-16 01:12:46
|
Update of /cvsroot/comoblog/comoblog/include In directory sc8-pr-cvs4.sourceforge.net:/tmp/cvs-serv2807/include Modified Files: config.inc.php libraries.inc.php Log Message: added update for 1,2 to 1.3 - a few comments to help with releases //ADDED in 1.3 for new code //TODO for things that still need to be looked at Index: libraries.inc.php =================================================================== RCS file: /cvsroot/comoblog/comoblog/include/libraries.inc.php,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- libraries.inc.php 15 Aug 2006 16:56:31 -0000 1.10 +++ libraries.inc.php 16 Aug 2006 01:12:41 -0000 1.11 @@ -8,7 +8,7 @@ if ($ver == "0.5.1" || $ver == "1.0") return true; else - return false; + return false; } function in_supported_patch_list ($ver) { @@ -16,7 +16,7 @@ return true; else return false; -} +} function check_version_match () { $db_version = floatval(CFG_VERSION); @@ -25,19 +25,19 @@ if ($db_version == floatval($file_version[0])) return true; else - return false; + return false; } function run_script ($script_name) { - $errors = array(); + $errors = array(); require (dirname(__FILE__).'/../admin/include/xml2array.inc.php'); $xmlparse = &new ParseXML; $xml = $xmlparse->GetXMLTree($script_name); - $queryerror = false; + $queryerror = false; $queries = $xml['COMOBLOG_UPGRADE'][0]['DBQUERY']; for ($c = 0; $c < count($queries); $c++) @@ -54,18 +54,18 @@ unset ($xmlparse); - return $errors; + return $errors; } function topic_details ($id) { $query = "select * from ".CFG_MYSQL_TABPREFIX."topics where topic_id = '".$id."'"; $res = mysql_query($query); - + if (!$res || !mysql_num_rows($res)) return (false); - + $topic = mysql_fetch_assoc($res); - + return ($topic); } @@ -73,7 +73,7 @@ function post_del ($post_id) { $query = "delete from ".CFG_MYSQL_TABPREFIX."posts where post_id = '".$post_id."'"; $res = mysql_query($query); - + $query = "select concat(img_id,'.',img_extension) as filename, concat(img_id,'_thumb.',img_extension) as thumbname from ".CFG_MYSQL_TABPREFIX."images where post_id = '".$post_id."'"; $res = mysql_query($query); @@ -85,7 +85,7 @@ if (file_exists(CFG_BASE_PATH.'/img/posts/'.$thumb_filename)) $unlink = @unlink (CFG_BASE_PATH.'/img/posts/'.$thumb_filename); } - + $query = "delete from ".CFG_MYSQL_TABPREFIX."images where post_id = '".$post_id."'"; $res = mysql_query($query); @@ -96,7 +96,7 @@ function posts_list ($offset, $howmany) { - + if (CFG_USE_PATH_INFO == 'no') $iisbug = '?'; else @@ -121,7 +121,7 @@ if (!$res || !mysql_num_rows($res)) return (false); - + $posts = array(); while ($row = mysql_fetch_array($res)) { $row['post_permalink'] = CFG_SITE_URL.'post.php'.$iisbug.'/'.$row['post_id']; @@ -133,7 +133,7 @@ $row['post_trackback_list_rss'] = CFG_SITE_URL.'trackback.php'.$iisbug.'/'.$row['post_id'].'?__mode=rss'; $posts[] = $row; } - + return ($posts); } @@ -154,7 +154,7 @@ if (!$res || !mysql_num_rows($res)) return (false); - + $posts = array(); while ($row = mysql_fetch_array($res)) { $row['post_permalink'] = CFG_SITE_URL.'post.php'.$iisbug.'/'.$row['post_id']; @@ -166,7 +166,7 @@ $row['post_trackback_list_rss'] = CFG_SITE_URL.'trackback.php'.$iisbug.'/'.$row['post_id'].'?__mode=rss'; $posts[] = $row; } - + return ($posts); } @@ -241,7 +241,7 @@ if (!$res || !mysql_num_rows($res)) return (false); - + $posts = array(); while ($row = mysql_fetch_array($res)) { $row['post_permalink'] = CFG_SITE_URL.'post.php'.$iisbug.'/'.$row['post_id']; @@ -254,7 +254,7 @@ $row['post_mail_date_rss'] = gmstrftime("%a, %d %b %Y %T %Z",$row['post_mail_date']); $posts[] = $row; } - + return ($posts); } @@ -291,12 +291,12 @@ and p.post_mail_date < ".$end." group by p.post_id order by p.post_mail_date ".CFG_POST_SORT_ORDER." - "; + "; $res = mysql_query($query); - + if (!$res || !mysql_num_rows($res)) return (false); - + $posts = array(); while ($row = mysql_fetch_array($res)) { $row['post_permalink'] = CFG_SITE_URL.'post.php'.$iisbug.'/'.$row['post_id']; @@ -308,7 +308,7 @@ $row['post_trackback_list_rss'] = CFG_SITE_URL.'trackback.php'.$iisbug.'/'.$row['post_id'].'?__mode=rss'; $posts[] = $row; } - + return ($posts); } @@ -363,10 +363,10 @@ select p.*, FROM_UNIXTIME(p.post_mail_date) as post_mail_date_nice , - count(c.post_id) as post_comments, - count(tr.post_id) as post_trackback_pings, + count(c.post_id) as post_comments, + count(tr.post_id) as post_trackback_pings, t.topic_name, concat(t.img_id,'.',i.img_extension) as topic_img - from + from ".CFG_MYSQL_TABPREFIX."posts p left join ".CFG_MYSQL_TABPREFIX."comments c on p.post_id = c.post_id @@ -380,10 +380,10 @@ group by p.post_id "; $res = mysql_query($query); - + if (!$res || !mysql_num_rows($res)) return (false); - + $post = mysql_fetch_array($res); $post['post_permalink'] = CFG_SITE_URL.'post.php'.$iisbug.'/'.$post['post_id']; if (CFG_USE_FRIENDLY_URLS =="yes"){ @@ -392,7 +392,7 @@ $post['post_trackback_ping_url'] = CFG_SITE_URL.'trackback.php'.$iisbug.'/'.$post['post_id']; $post['post_trackback_list'] = CFG_SITE_URL.'trackback.php'.$iisbug.'/'.$post['post_id'].'?__mode=list'; $post['post_trackback_list_rss'] = CFG_SITE_URL.'trackback.php'.$iisbug.'/'.$post['post_id'].'?__mode=rss'; - + return ($post); } @@ -407,43 +407,43 @@ if (!$res || !mysql_num_rows($res)) return (false); - + return (true); } - +// ADDED IN 1.3 function get_commenter_approval_state($commenter_author_email){ - + // gets the default for people who have been recorded before, // returns "unknown_user" for people who it cant find - // and Y or N if it can. + // and Y or N if it can. $query = " select c.commenter_default from ".CFG_MYSQL_TABPREFIX."commenters c where c.commenter_author_email= '".addslashes($commenter_author_email)."'"; $res = mysql_query($query); - + if (!$res || !mysql_num_rows($res)){ return ("unknown_user"); } - + return mysql_query($res,0,0); - -} +} +// ADDED IN 1.3 function set_commenter_approval_state($commenter_author_email,$state){ - // empty place holder + // empty place holder $query =""; // find out if we know about the user already. if (get_commenter_approval_state($commenter_author_email) !="unknown_user"){ // if we do - update the record. $query ="update ".CFG_MYSQL_TABPREFIX."commenters " . "set commenter_default=''".addslashes($state)."'" . - "' where commenter_author_email= '".addslashes($commenter_author_email)."'"; + "' where commenter_author_email= '".addslashes($commenter_author_email)."'"; } - + else { - // if not - add a record + // if not - add a record $query = " insert into ".CFG_MYSQL_TABPREFIX."commenters (comment_author_email,commenter_default) @@ -453,18 +453,18 @@ ) "; } - + // run the query $res = mysql_query($query); - + if (!$res) return (false); - + $insert_id = mysql_insert_id(); - - return ($insert_id); - + + return ($insert_id); + } @@ -472,14 +472,14 @@ $comment['comment_author'] = clean_up_txt($comment['comment_author']); $comment['comment_author_email'] = clean_up_txt($comment['comment_author_email']); #$comment['comment_text'] = clean_up_txt($comment['comment_text']); - // optionally allow raw HTML to be entered into comments + // optionally allow raw HTML to be entered into comments // needs an additional filter to stip script tags etc? if ($comment['comment_convert'] != 'noconvert'){ $comment['comment_text'] = clean_up_txt($comment['comment_text']); } - + // ADDED IN 1.3 // first we get the default state for new comments if (CFG_COMMENTS_DEFAULT_STATE == 'yes'){ $comment['comment_live'] = "Y"; @@ -487,13 +487,13 @@ else { $comment['comment_live'] = "N"; } - + // then we check if we have seen them before if (get_commenter_approval_state($comment['comment_author_email']) !="unknown_user"){ $comment['comment_live'] =get_commenter_approval_state($comment['comment_author_email']); } - - + + // apply comment filters global $COMMENT_PRE_FILTERS; if (count($COMMENT_PRE_FILTERS) > 0) { @@ -508,7 +508,7 @@ values ( '".addslashes($comment['comment_author'])."', '".addslashes($comment['comment_author_email'])."', - '".addslashes($comment['comment_author_url'])."', + '".addslashes($comment['comment_author_url'])."', '".addslashes($comment['comment_text'])."', '".time()."', '".$comment['post_id']."', @@ -516,12 +516,12 @@ ) "; $res = mysql_query($query); - + if (!$res) return (false); - + $comment['comment_id'] = mysql_insert_id(); - + // apply comment filters global $COMMENT_POST_FILTERS; if (count($COMMENT_POST_FILTERS) > 0) { @@ -529,8 +529,8 @@ include_once (CFG_BASE_PATH.'/modules/'.$COMMENT_POST_FILTERS[$comment_cnt].'/'.$COMMENT_POST_FILTERS[$comment_cnt].'_comment_filter.php'); } } - - + + return ($comment); } @@ -542,20 +542,20 @@ order by c.comment_added ". CFG_COMMENT_SORT_ORDER . " "; $res = mysql_query($query); - + if (!$res || !mysql_num_rows($res)) return (false); - + $c = 0; while ($row = mysql_fetch_array($res)) { $comments[$c] = $row; $comments[$c]['comment_date'] = getdate($row['comment_added']); if ($comments[$c]['comment_date']['hours'] < 10) $comments[$c]['comment_date']['hours'] = '0'.$comments[$c]['comment_date']['hours']; - if ($comments[$c]['comment_date']['minutes'] < 10) $comments[$c]['comment_date']['minutes'] = '0'.$comments[$c]['comment_date']['minutes']; + if ($comments[$c]['comment_date']['minutes'] < 10) $comments[$c]['comment_date']['minutes'] = '0'.$comments[$c]['comment_date']['minutes']; $c++; } - + return ($comments); } @@ -565,7 +565,7 @@ $query = " insert into ".CFG_MYSQL_TABPREFIX."trackback_pings (trackback_title, trackback_excerpt, trackback_url, trackback_blog_name, trackback_added, post_id) - values + values ('".addslashes($trackback['trackback_title']) ."', '".addslashes($trackback['trackback_excerpt']) ."', '".addslashes($trackback['trackback_url']) ."', @@ -574,12 +574,12 @@ '".$trackback['post_id'] ."') "; $res = mysql_query($query); - + if (!$res) return (false); - + $trackback_id = mysql_insert_id(); - + return ($trackback_id); } @@ -611,14 +611,14 @@ order by tr.trackback_added desc "; $res = mysql_query($query); - - if (!$res || !mysql_num_rows($res)) + + if (!$res || !mysql_num_rows($res)) return (false); - + $trackback_pings = array(); while ($row = mysql_fetch_assoc($res)) $trackback_pings[] = $row; - + return ($trackback_pings); } @@ -629,16 +629,16 @@ if (empty($email)) return (false); - if (eregi('(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)',$email) || !eregi ('^.+\@(\[?)[-a-zA-Z0-9\.]+\.([a-zA-Z]{2,3}|[0,9]{1,3})(\]?)$',$email)) { - return (false); - } - else { - list($user,$domain)=explode('@',$email); - if ((!eregi('^[a-zA-Z0-9\.\-]+$',$user)) || (!eregi('^[a-zA-Z0-9\.\-]+$',$domain))) { - return (false); + if (eregi('(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)',$email) || !eregi ('^.+\@(\[?)[-a-zA-Z0-9\.]+\.([a-zA-Z]{2,3}|[0,9]{1,3})(\]?)$',$email)) { + return (false); + } + else { + list($user,$domain)=explode('@',$email); + if ((!eregi('^[a-zA-Z0-9\.\-]+$',$user)) || (!eregi('^[a-zA-Z0-9\.\-]+$',$domain))) { + return (false); } - else { - return (true); + else { + return (true); } } } @@ -659,7 +659,7 @@ else { $outstr = eregi_replace( "([_\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\.([_\.a-z]{2,6})", '\\1 [at] \\2 [dot] \\3', $instr); } - + return ($outstr); } @@ -678,26 +678,26 @@ function clean_up_html ($contents, $mailto = false) { // strip tags $contents = preg_replace("'<!doctype[^>]*?>'si", "", $contents); // <!DOCTYPE - + $contents = preg_replace("'<body[^>]*?>'si", "", $contents); // <body $contents = eregi_replace ("</body>", "", $contents); - + $contents = preg_replace("'<html[^>]*?>'si", "", $contents); // <html - $contents = eregi_replace ("</html>", "", $contents); - + $contents = eregi_replace ("</html>", "", $contents); + $contents = preg_replace("'<link[^>]*?>'si", "", $contents); // <link - + // strip tags with content $contents = preg_replace("'<head[^>]*?>.*?</head>'si", "", $contents); // <head - + $contents = preg_replace("'<meta[^>]*?>.*?</meta>'si", "", $contents); // <meta - + $contents = preg_replace("'<script[^>]*?>.*?</script>'si", "", $contents); // <script - + $contents = preg_replace("'<style[^>]*?>.*?</style>'si", "", $contents); // <style - + $contents = preg_replace("'<title[^>]*?>.*?</title>'si", "", $contents); // <title - + // anti-spam $contents = antispam ($contents, $mailto); @@ -706,7 +706,7 @@ } function filter_html($body) -{ +{ $search = array ("'<script[^>]*?>.*?</script>'si", // Strip out javascript "'<[\/\!]*?[^<>]*?>'si", // Strip out HTML tags "'([\r\n])[\s]+'", // Strip out white space @@ -737,7 +737,7 @@ $body = preg_replace($search, $replace, $body); return $body; -} +} function create_thumbnail ($img_id, $img_ext, $maxwidth, $maxheight, $gd_version) { Index: config.inc.php =================================================================== RCS file: /cvsroot/comoblog/comoblog/include/config.inc.php,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- config.inc.php 15 Aug 2006 16:56:31 -0000 1.3 +++ config.inc.php 16 Aug 2006 01:12:41 -0000 1.4 @@ -1,6 +1,12 @@ <?php error_reporting (E_ALL ^ E_NOTICE); -require_once (dirname(__FILE__).'/param.inc.php'); +// ADDED IN 1.3 +/* TODO: we need to make sure that the upgrade will copy the file to this location + * previous versions just used param.inc.php, but thats a real bitch when you develope locally + * and deploy to your live site, as at some point the db and file path permissions will get copied up + * + */ +require_once (dirname(__FILE__).'/param.inc.'. $_SERVER['SERVER_NAME'].'.php'); // connect to db mysql_connect (CFG_MYSQL_HOST, CFG_MYSQL_USERNAME, CFG_MYSQL_PASSWORD) or die ('Error connecting to mySQL server'); @@ -49,7 +55,13 @@ $SIDEBAR_MODULES = array(); $POST_PRE_FILTERS = array(); $POST_POST_FILTERS = array(); -$COMMENT_FILTERS = array(); + + +// ADDED IN 1.3 +/* + * Comments now have pre and post filters + */ +//TODO: Check these work correctly - old ones should default to pre as thats what they originally did $COMMENT_PRE_FILTERS = array(); $COMMENT_POST_FILTERS = array(); $query = " @@ -63,12 +75,12 @@ if ($res) { while ($row = mysql_fetch_assoc($res)) { if ($row['mod_pos'] == 'sidebar') { - $SIDEBAR_MODULES[] = $row['mod_name']; + $SIDEBAR_MODULES[] = $row['mod_name']; } elseif ($row['mod_pos'] == 'top') { $TOP_MODULES[] = $row['mod_name']; } - + if ($row['mod_filter_posts'] == 'Y'){ $POST_PRE_FILTERS[] = $row['mod_name']; } @@ -80,9 +92,9 @@ } else if ($row['mod_filter_comments'] == 'O'){ $COMMENT_POST_FILTERS[] = $row['mod_name']; - } - - + } + + } } ?> |
