From: Javier B. <jb...@us...> - 2004-11-15 20:26:43
Update of /cvsroot/openbash-org/openbash-org/modules In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv19219/modules Modified Files: Quote.php common.php Log Message: mas quote Index: Quote.php =================================================================== RCS file: /cvsroot/openbash-org/openbash-org/modules/Quote.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** Quote.php 15 Nov 2004 12:39:20 -0000 1.2 --- Quote.php 15 Nov 2004 20:26:25 -0000 1.3 *************** *** 11,16 **** { global $add;?> ! <form id="addquote" action="?page=quote&action=add&insert=1" method="post"> <p><textarea id="quote" name="quote" class="textarea" cols="60%" rows="10"></textarea></p> <p> <input type="button" id="preview" value="<?=$add['preview'];?>" /> --- 11,19 ---- { global $add;?> ! <form id="addquote" action="?page=quote&action=insert" method="post"> <p><textarea id="quote" name="quote" class="textarea" cols="60%" rows="10"></textarea></p> + <p><input type="text" id="author" name="author" /><?=$add['author'];?></p> + <p><input type="text" id="channel" name="channel" /><?=$add['channel'];?></p> + <p><input type="text" id="network" name="network" /><?=$add['network'];?></p> <p> <input type="button" id="preview" value="<?=$add['preview'];?>" /> *************** *** 23,29 **** } ! function insert_quote() { } --- 26,54 ---- } ! 
function insert_quote($quote, $author, $channel, $network, $ip) { + include ("config.php"); + $quote = nl2br(variable_clean($quote)); + //$author = check_email($author); + $channel = variable_clean($channel); + $network = variable_clean($network); + //$ip = check_ipv4($ip); + $purge = 0; // by default the quote is not purged, of course xD + $pending = 1; // by default quote gets marked as pending until an admin validates it + $sql = "INSERT INTO quote + (`id`,`points`,`quote`,`purge`,`author`,`channel`,`network`,`pending`,`ip`) + VALUES ( + '', + '$points', + '$quote', + '$purge', + '$author', + '$channel', + '$network', + '$pending', + '$ip')"; + $ins = $bd->_Execute($sql); + $this->mail_warning($author, $quote, $ip); } *************** *** 31,35 **** { include ("config.php"); ! $sql = "SELECT points,quote,author,channel,network,ip FROM quote WHERE id='$id'"; $quote = $bd->_Execute($sql); if($quote->RecordCount() == 1) { ?> --- 56,60 ---- { include ("config.php"); ! $sql = "SELECT points,quote,author,channel,network,ip FROM quote WHERE id='$id' AND quote.purge=0 AND pending=0"; $quote = $bd->_Execute($sql); if($quote->RecordCount() == 1) { ?> *************** *** 47,53 **** { include ("config.php"); ! $sql = "SELECT id FROM quote ORDER BY id $order LIMIT $start,$end"; $ids = $bd->_Execute($sql); ! if($ids->RecordCount()) { while (!$ids->EOF) { $this->show_quote($ids->fields['id']); $ids->MoveNext(); } } else { return (0); } --- 72,78 ---- { include ("config.php"); ! $sql = "SELECT id FROM quote WHERE quote.purge=0 AND pending=0 ORDER BY id $order LIMIT $start,$end"; $ids = $bd->_Execute($sql); ! if($ids->RecordCount()) { while (!$ids->EOF) { $this->show_quote($ids->fields['id']); $ids->MoveNext(); } } else { return (0); } *************** *** 57,61 **** { include ("config.php"); ! $sql = "SELECT id FROM quote ORDER BY points LIMIT $top"; $ids = $bd->_Execute($sql); if($ids->RecordCount()) { ?> --- 82,86 ---- { include ("config.php"); ! 
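Review bot: In `insert_quote()` the values `$author` and `$ip` reach the INSERT string with no cleaning at all, because the `check_email()` and `check_ipv4()` calls are commented out, and `$quote`, `$channel` and `$network` only pass through `variable_clean()`, whose visible part strips tags and `--` but does not appear to do SQL quoting. Each value should be quoted by the database layer before it is interpolated; if `$bd` is an ADOdb connection, as `_Execute()` and `RecordCount()` suggest, that is `$author = $bd->qstr($author);` with the surrounding `'…'` dropped from the statement, or bound parameters. `'$points'` is never assigned in the function, so it inserts an empty string unless config.php defines it. The same string-built pattern appears in the later Quote.php hunks (`WHERE id='$id'`, then `$order`, `$start`, `$end` and `$top` in the listing queries); those values should be cast with `(int)` or checked against `ASC`/`DESC` where their functions begin, which is outside the hunks.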
$sql = "SELECT id FROM quote purge=0 AND pending=0 ORDER BY points LIMIT $top"; $ids = $bd->_Execute($sql); if($ids->RecordCount()) { ?> *************** *** 67,69 **** --- 92,110 ---- } else { return (0); } } + + function mail_warning($author, $quote, $ip) + { + include ("config.php"); + $rcpt = $moderator_email; + $subject = "[ OpenBash ] new quote inserted by $author"; + $body = "The following quote has been inserted and marked as pending until a moderator aproves it: + + $quote + + by: $author ($ip) + + * Please visit the admin page to validate: http://$_SERVER[SERVER_NAME]/?page=admin"; + $from = "From: webmaster@$_SERVER[SERVER_NAME]\nReply-To: $email\nX-Mailer: VLog MSG Alert System"; + mail($rcpt, $subject, $body, $from); + } } Index: common.php =================================================================== RCS file: /cvsroot/openbash-org/openbash-org/modules/common.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** common.php 15 Nov 2004 12:09:43 -0000 1.2 --- common.php 15 Nov 2004 20:26:28 -0000 1.3 *************** *** 5,9 **** $allowed='<a><br><b><h1><h2>'. '<h3><h4><i><code>' . ! '<li><ol><p><strong>' . '<u><ul><span><pre>'; $tmp = str_replace ('--', '', $var); --- 5,9 ---- $allowed='<a><br><b><h1><h2>'. '<h3><h4><i><code>' . ! '<li><ol><p><strong>'. '<u><ul><span><pre>'; $tmp = str_replace ('--', '', $var); *************** *** 14,101 **** } ! /* ! * arregla una cadena para quitarle ! * caracteres no deseados ! */ ! function corregir_texto($texto) ! { ! $texto = trim ($texto); #quitamos espacios al principio y final de la cadena ! $texto = addslashes ($texto); #añadimos barras invertidas a ', "", etc ! $texto = quotemeta ($texto); #añadimos barras invertidas a ·, \\, [, $, etc ! $texto = strip_tags ($texto); #quita marcas PHP o HTML de una cadena ! return ($texto); ! } ! ! /* ! * parsear un numero ! */ ! function corregir_num($num) ! { ! $num = (int)$num; ! return ($num); ! } ! ! /* ! * validar un nick ! 
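Review bot: The rewritten query in the top-quotes function has lost its `WHERE` keyword: `FROM quote purge=0 AND pending=0` is not valid SQL, so `_Execute()` will fail and the `$ids->RecordCount()` call that follows runs on a failed result. It should read `$sql = "SELECT id FROM quote WHERE quote.purge=0 AND pending=0 ORDER BY points LIMIT $top";`, matching the qualified `quote.purge` used in the other two queries of this commit. The function's signature is outside the hunk, so where `$top` comes from is not visible here.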
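Review bot: `mail_warning()` puts `$author` into the Subject and `$email` into the additional headers, and neither is safe as written. `$author` arrives unvalidated from the form (the `check_email()` call in `insert_quote()` is commented out), so a CR or LF in it can add headers to the moderator mail, and `$email` is neither a parameter nor a local, so `Reply-To:` is empty unless config.php happens to define it. Strip line breaks before building the headers, `$author = str_replace(array("\r", "\n"), '', $author);`, and either pass the intended reply address in as a parameter or drop the `Reply-To:` part. `$_SERVER[SERVER_NAME]` in the admin link and the From address can follow the request's Host header on some server configurations, so a fixed site name from config.php would be safer there.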
* que sea a-zA-Z_ y numeros solo ! * por ejemplo: ender3 o ender_ ! */ ! ! function valida_nick ($nick) ! { ! # if (!ereg("^[a-zA-Z_]+[a-zA-Z0-9_]*$", $nick)) { ! if (!ereg("^_*-*\^?\[*[A-Za-z][0-9A-Za-z]*[0-9A-Za-z]*_*-*\^*", $nick)) { ! ! /* ! * FIXME: Un nick puede contener ^, -, ', y casi cualquier cosa. ! */ ! ! echo "Un nick solo puede contener caracteres validos del abecedario, numeros, o guion bajo '_', por ejemplo: pepe22_"; ! return (0); ! } else { ! $nick = addslashes ($nick); ! return ($nick); ! } ! } ! ! /* ! * validar un nombre: a-z,ñ,acentos,., etc ! */ ! ! function valida_nombre ($nombre) ! { ! if (!ereg("^[a-zA-ZñÑ0-9]+[a-zA-ZñÑ0-9. ]*$", $nombre)) { ! echo "Un nombre o apellido solo puede contener caracteres de la A a la Z, incluyendo ñ, acentos, espacio en blanco y el punto."; ! return (0); ! } ! return (1); ! } ! ! /* ! * validar una frase: ! * a-z,ñ,acentos,comas,puntos,etc ! */ ! ! function valida_frase($frase) { ! /* ! * FIXME: La frase debería tener cualquier símbolo. Concretamente <> suelen delimitar el nick ! */ ! ! if (!ereg("^[a-zA-ZñÑ0-9]+[a-zA-ZñÑ0-9\,\.\;- ]*$", $frase)) { ! echo "No puede introducir simbolos como <,>,*, o cualquier tipo de comillas, simples o dobles."; ! return (0); ! } ! return (1); } /* ! * validar URL */ ! function valida_url($url) { if (!ereg("^http://w{0,3}\.?[0-9A-Za-z]+\.?[0-9A-Za-z]+\.[0-9A-Za-z]{3}/?.*", $url)) { ! echo "La página web introducida no es correcta, corríjala"; return (0); } --- 14,31 ---- } ! function get_ipaddr() { ! if (!empty($_SERVER['REMOTE_ADDR'])) { return ($_SERVER['REMOTE_ADDR']); } ! else { return ($_SERVER['HTTP_X_FORWARDED_FOR']); } } /* ! * validate URL */ ! function check_url($url) { if (!ereg("^http://w{0,3}\.?[0-9A-Za-z]+\.?[0-9A-Za-z]+\.[0-9A-Za-z]{3}/?.*", $url)) { ! echo "La página web introducida no es correcta, corríjala"; return (0); } *************** *** 104,111 **** /* ! * comprobar IPv4 */ ! 
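Review bot: `get_ipaddr()` falls back to `$_SERVER['HTTP_X_FORWARDED_FOR']`, a request header the client sets freely, and returns it verbatim; in Quote.php an `$ip` value is written to the `ip` column and the moderator mail while `check_ipv4()` is commented out. `REMOTE_ADDR` is what the web server saw on the connection, so the fallback adds no reliable information, and it reads an undefined index when the header is absent. I would return only the server-side value, `return (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');`, and, if the proxy header is wanted for moderation, keep it in a separate field once `check_ipv4()` accepts it.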
function valida_ipv4($ip) { if (eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $ip)) { --- 34,41 ---- /* ! * validate IPv4 */ ! function check_ipv4($ip) { if (eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $ip)) { *************** *** 129,136 **** /* ! * validar email */ ! function valida_email($email_raw) { $email_nr = eregi_replace("\n", "", $email_raw); --- 59,66 ---- /* ! * validate email address */ ! function check_email($email_raw) { $email_nr = eregi_replace("\n", "", $email_raw); *************** *** 151,172 **** } return (1); ! } else ! return (1); } } - - /* - * generar codigo de seguridad - * por el SPAM WEB - */ - function spamcode($length) { for ($i = 1; $i <= $length; $i++) { ! if ($i == 1) ! $randnum = rand(0, 9); ! else ! $randnum .= rand(0, 9); } return ($randnum); --- 81,94 ---- } return (1); ! } else { return (1); } } } function spamcode($length) { for ($i = 1; $i <= $length; $i++) { ! if ($i == 1) { ! $randnum = rand(0, 9); ! } else { $randnum .= rand(0, 9); } } return ($randnum); *************** *** 181,183 **** } ?> - --- 103,104 ---- |
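Review bot: `spamcode()` returns `$randnum` without ever assigning it when `$length` is below 1, and the hunk deletes the only comment saying what the function is for. Initialising `$randnum = '';` before the loop removes both the undefined variable and the `$i == 1` special case, leaving `$randnum .= rand(0, 9);` as the whole loop body. I would also restore the header in English, `/* anti-spam form code; rand() is predictable, so not for tokens or passwords */`. The function's closing brace is outside the hunk.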