Added : ATOM feed for blog ; abilty to comment posts.

13 files changed, 281 insertions, 7 deletions

diff --git a/design/style.css b/design/style.css
index c3a5314..2a537f6 100644
--- a/design/style.css
+++ b/design/style.css
@@ -295,3 +295,11 @@ hr {
 	margin-left: 16px;
 	font-size: 1.2em;
 }
+
+.blog_post h3 {
+	margin: 0px;
+	padding: 0px;
+	margin-left: 16px;
+	margin-bottom: 10px;
+	font-size: 1.0em;
+}
diff --git a/lib/blog/comment.php b/lib/blog/comment.php
new file mode 100644
index 0000000..4bda912
--- /dev/null
+++ b/lib/blog/comment.php
@@ -0,0 +1,38 @@
+<?php
+
+require("lib/markdown.php");
+
+assert_redir(count($args) == 3, 'blog');
+$postid = intval($args[2]);
+
+$post = mysql_fetch_assoc(sql(
+	"SELECT blog_posts.id AS id, blog_posts.title AS title,
+		blog_posts.draft AS draft ".
+	"FROM blog_posts LEFT JOIN blog_tags ON blog_tags.post = blog_posts.id ".
+	"WHERE blog_posts.id = $postid"
+));
+
+assert_error($post && $post['draft'] == 0,
+	"This post does not exist.");
+
+$comment = "";
+if (isset($_POST['comment'])) {
+	$comment = esca($_POST['comment']);
+	$comment_html = Markdown($comment);
+
+	if (trim($comment) == "") {
+		$error = "You cannot enter an empty comment.";
+	} else {
+		sql("INSERT INTO blog_comments(owner, post, text, text_html, date) ".
+			"VALUES(" . $user['id'] . ", $postid, '" . escs($comment) . "', '" . escs($comment_html) . "', NOW())");
+		header("Location: view-blog-$postid");
+		die();
+	}
+}
+
+$title = "Comment '" . $post['title'] . "'";
+$fields = array(
+	array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $comment),
+	);
+$validate = "Comment";
+require("tpl/general/form.php");
diff --git a/lib/blog/delcom.php b/lib/blog/delcom.php
new file mode 100644
index 0000000..eaf93ec
--- /dev/null
+++ b/lib/blog/delcom.php
@@ -0,0 +1,12 @@
+<?php
+
+assert_redir(count($args) >= 3, 'blog');
+$comid = intval($args[2]);
+
+$com = mysql_fetch_assoc(sql("SELECT post FROM blog_comments WHERE id = $comid"));
+assert_error($com,
+	"This comment does not exist.");
+
+token_validate("Do you really want to delete this comment ?", "view-blog-" . $com['post']);
+sql("DELETE FROM blog_comments WHERE id = $comid");
+header("Location: view-blog-" . $com['post']);
diff --git a/lib/blog/delete.php b/lib/blog/delete.php
index a57b5ac..bfc428b 100644
--- a/lib/blog/delete.php
+++ b/lib/blog/delete.php
@@ -5,9 +5,10 @@ $postid = intval($args[2]);
 
 $post = mysql_fetch_assoc(sql("SELECT owner FROM blog_posts WHERE id = $postid"));
 assert_error($post && $post['owner'] == $user['id'],
-	"This note does not exist, or you are not allowed to delete it.");
+	"This post does not exist, or you are not allowed to delete it.");
 
 token_validate("Do you really want to delete this post ?", "blog");
 sql("DELETE FROM blog_posts WHERE id = $postid");
 sql("DELETE FROM blog_tags WHERE post = $postid");
+sql("DELETE FROM blog_comments WHERE post = $postid");
 header("Location: drafts-blog");
diff --git a/lib/blog/edcom.php b/lib/blog/edcom.php
new file mode 100644
index 0000000..2b96ff9
--- /dev/null
+++ b/lib/blog/edcom.php
@@ -0,0 +1,35 @@
+<?php
+
+require("lib/markdown.php");
+
+assert_redir(count($args) == 3, 'blog');
+$comid = intval($args[2]);
+
+$com = mysql_fetch_assoc(sql(
+	"SELECT blog_comments.owner AS owner, blog_comments.text AS text, blog_comments.post AS post ".
+	"FROM blog_comments WHERE id = $comid"
+	));
+assert_error($com && $com['owner'] == $user['id'],
+	"This comment does not exist, or you are not allowed to edit it.");
+
+$com_text = $com['text'];
+if (isset($_POST['text'])) {
+	$com_text = esca($_POST['text']);
+	$com_text_html = Markdown($com_text);
+	if (trim($com_text) == "") {
+		$error = "You cannot enter an empty comment. If you want your comment to be deleted, please edit your comment so that it says so, and an administrator will delete it.";
+	} else {
+		sql("UPDATE blog_comments SET text = '" . escs($com_text) . "', text_html = '" . escs($com_text_html) . "' ".
+			"WHERE id = $comid");;
+		header("Location: view-blog-" . $com['post']);
+		die();
+	}
+}
+
+$title = "Edit comment";
+$fields = array(
+	array("label" => "Comment : ", "name" => "text", "value" => $com_text, "type" => "textarea"),
+	);
+$validate = "Edit comment";
+
+require("tpl/general/form.php");
diff --git a/lib/blog/index.php b/lib/blog/index.php
index aaeb969..dd353d3 100644
--- a/lib/blog/index.php
+++ b/lib/blog/index.php
@@ -1,6 +1,7 @@
 <?php
 
-$title = "What people write";
+require ("lib/conf/blog.php");
+$title = $blog_title;
 
 $filters = array (
 	"order" => array (
@@ -39,10 +40,13 @@ function count_in($fat, $v, $d) {
 
 $q =
 	"SELECT blog_posts.id AS id, blog_posts.title AS title, blog_posts.date AS date, ".
+	"UNIX_TIMESTAMP(blog_posts.date) AS date_ts, ".
 	"DATE_FORMAT(blog_posts.date, '%Y-%m') AS month, ".
-	"blog_posts.text_html AS text_html, GROUP_CONCAT(ba.tag SEPARATOR ',  ') AS tags, ".
+	"blog_posts.text_html AS text_html, GROUP_CONCAT(DISTINCT ba.tag SEPARATOR ',  ') AS tags, ".
+	"COUNT(DISTINCT blog_comments.id) AS comments, ".
 	"account.login AS owner, account.id AS owner_id ".
 	"FROM blog_posts LEFT JOIN account ON blog_posts.owner = account.id ".
+	"LEFT JOIN blog_comments ON blog_comments.post = blog_posts.id ".
 	"LEFT JOIN blog_tags ba ON ba.post = blog_posts.id ".
 	(isset($fvalues['tag']) ? "LEFT JOIN blog_tags bb ON bb.post = blog_posts.id AND bb.tag = '" . escs($fvalues['tag'])."' " : "").
 	"WHERE blog_posts.draft = 0 ".
@@ -69,4 +73,9 @@ $can_post = ($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0);
 $can_edit = ($user['priv'] >= $apps['blog']['edit'] && $user['id'] != 0);
 $can_delete = ($user['priv'] >= $apps['blog']['delete'] && $user['id'] != 0);
 
-require("tpl/blog/index.php");
+
+if (isset($fvalues['feed']) && $fvalues['feed'] == "atom") {
+	require("tpl/blog/atom_feed.php");
+} else {
+	require("tpl/blog/index.php");
+}
diff --git a/lib/blog/view.php b/lib/blog/view.php
new file mode 100644
index 0000000..15c4d6e
--- /dev/null
+++ b/lib/blog/view.php
@@ -0,0 +1,39 @@
+<?php
+
+
+assert_redir(count($args) == 3, 'blog');
+$postid = intval($args[2]);
+
+$post = mysql_fetch_assoc(sql(
+	"SELECT blog_posts.id AS id, blog_posts.title AS title, blog_posts.date AS date,
+		blog_posts.text AS text, blog_posts.text_html AS text_html,
+		blog_posts.draft AS draft,
+		account.login AS owner, blog_posts.owner AS owner_id, ".
+	"GROUP_CONCAT(blog_tags.tag SEPARATOR ',  ') AS tags ".
+	"FROM blog_posts LEFT JOIN blog_tags ON blog_tags.post = blog_posts.id ".
+	"LEFT JOIN account ON blog_posts.owner = account.id ".
+	"WHERE blog_posts.id = $postid"
+));
+
+assert_error($post && $post['draft'] == 0,
+	"This post does not exist.");
+
+$comments = array();
+$c = sql(
+	"SELECT blog_comments.id AS id, blog_comments.text_html AS text_html, ".
+	"blog_comments.owner AS author_id, ".
+	"blog_comments.date AS date, account.login AS author ".
+	"FROM blog_comments ".
+	"LEFT JOIN account ON blog_comments.owner = account.id ".
+	"WHERE blog_comments.post = $postid ".
+	"ORDER BY date ASC"
+	);
+while ($o = mysql_fetch_assoc($c)) $comments[] = $o;
+
+$can_post = ($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0);
+$can_edit = ($user['priv'] >= $apps['blog']['edit'] && $user['id'] != 0);
+$can_delete = ($user['priv'] >= $apps['blog']['delete'] && $user['id'] != 0);
+$can_comment = ($user['priv'] >= $apps['blog']['comment'] && $user['id'] != 0);
+$can_delcom = ($user['priv'] >= $apps['blog']['delcom'] && $user['id'] != 0);
+
+require("tpl/blog/view.php");
diff --git a/lib/conf/apps.php b/lib/conf/apps.php
index b7f3c9d..8afeb2d 100644
--- a/lib/conf/apps.php
+++ b/lib/conf/apps.php
@@ -37,11 +37,15 @@ $apps = array(
 	// Blogging application
 	"blog" => array(
 		"index" => 0,
+		"view" => 0,
 		"drafts" => 1,
 		"publish" => 1,
 		"post" => 1,
 		"edit" => 1,
 		"delete" => 1,
+		"comment" => 1,
+		"edcom" => 1,
+		"delcom" => 2,
 	),
 
 	// Studies application
diff --git a/lib/conf/blog.php b/lib/conf/blog.php
new file mode 100644
index 0000000..bb2ef09
--- /dev/null
+++ b/lib/conf/blog.php
@@ -0,0 +1,8 @@
+<?php
+
+$blog_title = "What people write";
+
+// Used for the ATOM feed generation.
+$blog_base_url = "http://localhost/alex.auvolat/";
+
+
diff --git a/schema.sql b/schema.sql
index f91acb2..1c858f2 100644
--- a/schema.sql
+++ b/schema.sql
@@ -1,10 +1,10 @@
 -- phpMyAdmin SQL Dump
--- version 3.4.10.1
+-- version 3.5.0
 -- http://www.phpmyadmin.net
 --
 -- Client: localhost
--- Généré le : Dim 18 Mars 2012 à 13:58
--- Version du serveur: 5.5.21
+-- Généré le: Ven 13 Avril 2012 à 19:07
+-- Version du serveur: 5.5.22-log
 -- Version de PHP: 5.3.10
 
 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
@@ -92,6 +92,24 @@ CREATE TABLE IF NOT EXISTS `batch_study` (
 -- --------------------------------------------------------
 
 --
+-- Structure de la table `blog_comments`
+--
+
+CREATE TABLE IF NOT EXISTS `blog_comments` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `post` int(11) NOT NULL,
+  `owner` int(11) NOT NULL,
+  `text` text NOT NULL,
+  `text_html` text NOT NULL,
+  `date` datetime NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `post` (`post`),
+  KEY `owner` (`owner`)
+) ENGINE=InnoDB  DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ;
+
+-- --------------------------------------------------------
+
+--
 -- Structure de la table `blog_posts`
 --
 
diff --git a/tpl/blog/atom_feed.php b/tpl/blog/atom_feed.php
new file mode 100644
index 0000000..20dc0ea
--- /dev/null
+++ b/tpl/blog/atom_feed.php
@@ -0,0 +1,37 @@
+<?php
+header("Content-Type: application/xml");
+
+echo '<?xml version="1.0" encoding="utf-8"?>'."\n";
+echo '<feed xmlns="http://www.w3.org/2005/Atom">'."\n";
+echo '<title>' . $blog_title . '</title>'."\n";
+echo '<id>' . $blog_base_url . "blog". "</id>\n";
+echo '<link href="' . $blog_base_url . "blog". '" rel="self" />' . "\n";
+
+
+function beginning($text, $len = 500) {
+	$text = preg_replace('#<.+>#isU', ' ', $text);
+	if (strlen($text) > $len) {
+		$text = substr($text, 0, $len)."...";
+	}
+	return $text;
+}
+
+foreach ($posts as $post) {
+	echo "\n<entry>\n";
+	echo '<title>' . $post['title'] . "</title>\n";
+	echo '<published>' . @date("c", $post['date_ts']) . "</published>\n";
+	echo '<id>' . $blog_base_url . "view-blog-" . $post['id'] . "</id>\n";
+	foreach (explode(',  ', $post['tags']) as $tag) {
+		echo '<category term="' . $tag . '" />' . "\n";
+	}
+	echo '<link href="' . $blog_base_url . "view-blog-" . $post['id'] . '" />' . "\n";
+	echo '<summary type="html"><![CDATA['. beginning($post['text_html']) .']]></summary>' . "\n";
+	echo '<content type="html"><![CDATA['. $post['text_html'] ."]]></content>\n";
+	echo "<author><name>".$post['owner']."</name></author>\n";
+	echo "</entry>\n";
+}
+
+echo '</feed>';
+
+die();
+
diff --git a/tpl/blog/index.php b/tpl/blog/index.php
index 07e3388..6d07efa 100644
--- a/tpl/blog/index.php
+++ b/tpl/blog/index.php
@@ -17,6 +17,7 @@ foreach ($posts as $post) {
 		echo ' | <a href="edit-blog-' . $post['id'] . '">edit</a>';
 	if ($can_delete && $post['owner_id'] == $user['id'])
 		echo ' | <a href="delete-blog-' . $post['id'] . '">delete</a>';
+	echo ' | <a href="view-blog-' . $post['id'] . '">read & comment (' . $post['comments'] . ')</a>';
 	echo '</div>';
 	echo '<div class="small_right">published ' . $post['date'] . '</div>';
 	if ($post['tags'] != '') {
@@ -50,4 +51,18 @@ foreach ($fa as $kname => $kdata) {
 	}
 }
 
+echo "<h1>...</h1>";
+$ze = array();
+foreach ($fvalues as $k => $v) { $ze[] = "$k-$v"; }
+$ze[] = "feed-atom";
+$zd = implode("-", $ze);
+echo '<ul>';
+if (count($fvalues) > 0) {
+	echo '<li><a href="index-blog-' . $zd . '">Atom feed for this selection</a></li>';
+	echo '<li><a href="index-blog-feed-atom">Homepage Atom feed</a></li>';
+} else {
+	echo '<li><a href="index-blog-feed-atom">Atom feed</a></li>';
+}
+echo '</ul>';
+
 require("tpl/general/bottom.php");
diff --git a/tpl/blog/view.php b/tpl/blog/view.php
new file mode 100644
index 0000000..0f0c89c
--- /dev/null
+++ b/tpl/blog/view.php
@@ -0,0 +1,50 @@
+<?php
+
+$title = $post['title'];
+
+require("tpl/general/top.php");
+
+echo '<div class="small_right">';
+echo 'Written by ' . $post['owner'];
+if ($can_edit && $post['owner_id'] == $user['id'])
+	echo ' | <a href="edit-blog-' . $post['id'] . '">edit</a>';
+if ($can_delete && $post['owner_id'] == $user['id'])
+	echo ' | <a href="delete-blog-' . $post['id'] . '">delete</a>';
+if ($can_comment)
+	echo ' | <a href="comment-blog-' . $post['id'] . '">post comment</a>';
+echo '</div>';
+echo '<div class="small_right">published ' . $post['date'] . '</div>';
+if ($post['tags'] != '') {
+	echo '<div class="small_right">tags: ' . $post['tags'] . '</div>';
+}
+echo $post['text_html'];
+
+echo '<h2>Comments</h2>';
+
+if (count($comments) == 0) {
+	echo 'No comments at the moment.';
+} else {
+	foreach ($comments as $comment) {
+		echo '<div class="blog_post">';
+		$a = array();
+		if ($can_delcom) $a[] = '<a href="delcom-blog-' . $comment['id'] . '">delete</a>';
+		if ($can_comment && $comment['author_id'] == $user['id'])
+			$a[] = '<a href="edcom-blog-' . $comment['id'] . '">edit</a>';
+		if (count($a) > 0)
+			echo '<div class="small_right">' . implode(" | ", $a) . '</div>';
+
+		echo '<h3>' . $comment['date'] . ' by ' . $comment['author'] . '</h3>';
+		echo '<div class="inside">' . $comment['text_html'] . '</div>';
+		echo '</div>';
+	}
+}
+
+echo '<h3>Post a comment</h3>';
+if ($can_comment) {
+	echo '<form class="blog_post" method="POST" action="index.php?p=comment-blog-' . $post['id'] . '"><textarea name="comment" style="height: 200px"></textarea><br /><div class="empty_label">&nbsp;</div><input type="submit" value="Comment" /></form>';
+} else {
+	echo 'Please log in or register to post a comment.';
+}
+
+
+require("tpl/general/bottom.php");