diff options
| -rw-r--r-- | design/style.css | 8 | ||||
| -rw-r--r-- | lib/blog/comment.php | 38 | ||||
| -rw-r--r-- | lib/blog/delcom.php | 12 | ||||
| -rw-r--r-- | lib/blog/delete.php | 3 | ||||
| -rw-r--r-- | lib/blog/edcom.php | 35 | ||||
| -rw-r--r-- | lib/blog/index.php | 15 | ||||
| -rw-r--r-- | lib/blog/view.php | 39 | ||||
| -rw-r--r-- | lib/conf/apps.php | 4 | ||||
| -rw-r--r-- | lib/conf/blog.php | 8 | ||||
| -rw-r--r-- | schema.sql | 24 | ||||
| -rw-r--r-- | tpl/blog/atom_feed.php | 37 | ||||
| -rw-r--r-- | tpl/blog/index.php | 15 | ||||
| -rw-r--r-- | tpl/blog/view.php | 50 |
13 files changed, 281 insertions, 7 deletions
diff --git a/design/style.css b/design/style.css index c3a5314..2a537f6 100644 --- a/design/style.css +++ b/design/style.css @@ -295,3 +295,11 @@ hr { margin-left: 16px; font-size: 1.2em; } + +.blog_post h3 { + margin: 0px; + padding: 0px; + margin-left: 16px; + margin-bottom: 10px; + font-size: 1.0em; +} diff --git a/lib/blog/comment.php b/lib/blog/comment.php new file mode 100644 index 0000000..4bda912 --- /dev/null +++ b/lib/blog/comment.php @@ -0,0 +1,38 @@ +<?php + +require("lib/markdown.php"); + +assert_redir(count($args) == 3, 'blog'); +$postid = intval($args[2]); + +$post = mysql_fetch_assoc(sql( + "SELECT blog_posts.id AS id, blog_posts.title AS title, + blog_posts.draft AS draft ". + "FROM blog_posts LEFT JOIN blog_tags ON blog_tags.post = blog_posts.id ". + "WHERE blog_posts.id = $postid" +)); + +assert_error($post && $post['draft'] == 0, + "This post does not exist."); + +$comment = ""; +if (isset($_POST['comment'])) { + $comment = esca($_POST['comment']); + $comment_html = Markdown($comment); + + if (trim($comment) == "") { + $error = "You cannot enter an empty comment."; + } else { + sql("INSERT INTO blog_comments(owner, post, text, text_html, date) ". + "VALUES(" . $user['id'] . ", $postid, '" . escs($comment) . "', '" . escs($comment_html) . "', NOW())"); + header("Location: view-blog-$postid"); + die(); + } +} + +$title = "Comment '" . $post['title'] . "'"; +$fields = array( + array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $comment), + ); +$validate = "Comment"; +require("tpl/general/form.php"); diff --git a/lib/blog/delcom.php b/lib/blog/delcom.php new file mode 100644 index 0000000..eaf93ec --- /dev/null +++ b/lib/blog/delcom.php @@ -0,0 +1,12 @@ +<?php + +assert_redir(count($args) >= 3, 'blog'); +$comid = intval($args[2]); + +$com = mysql_fetch_assoc(sql("SELECT post FROM blog_comments WHERE id = $comid")); +assert_error($com, + "This comment does not exist."); + +token_validate("Do you really want to delete this comment ?", "view-blog-" . $com['post']); +sql("DELETE FROM blog_comments WHERE id = $comid"); +header("Location: view-blog-" . $com['post']); diff --git a/lib/blog/delete.php b/lib/blog/delete.php index a57b5ac..bfc428b 100644 --- a/lib/blog/delete.php +++ b/lib/blog/delete.php @@ -5,9 +5,10 @@ $postid = intval($args[2]); $post = mysql_fetch_assoc(sql("SELECT owner FROM blog_posts WHERE id = $postid")); assert_error($post && $post['owner'] == $user['id'], - "This note does not exist, or you are not allowed to delete it."); + "This post does not exist, or you are not allowed to delete it."); token_validate("Do you really want to delete this post ?", "blog"); sql("DELETE FROM blog_posts WHERE id = $postid"); sql("DELETE FROM blog_tags WHERE post = $postid"); +sql("DELETE FROM blog_comments WHERE post = $postid"); header("Location: drafts-blog"); diff --git a/lib/blog/edcom.php b/lib/blog/edcom.php new file mode 100644 index 0000000..2b96ff9 --- /dev/null +++ b/lib/blog/edcom.php @@ -0,0 +1,35 @@ +<?php + +require("lib/markdown.php"); + +assert_redir(count($args) == 3, 'blog'); +$comid = intval($args[2]); + +$com = mysql_fetch_assoc(sql( + "SELECT blog_comments.owner AS owner, blog_comments.text AS text, blog_comments.post AS post ". + "FROM blog_comments WHERE id = $comid" + )); +assert_error($com && $com['owner'] == $user['id'], + "This comment does not exist, or you are not allowed to edit it."); + +$com_text = $com['text']; +if (isset($_POST['text'])) { + $com_text = esca($_POST['text']); + $com_text_html = Markdown($com_text); + if (trim($com_text) == "") { + $error = "You cannot enter an empty comment. If you want your comment to be deleted, please edit your comment so that it says so, and an administrator will delete it."; + } else { + sql("UPDATE blog_comments SET text = '" . escs($com_text) . "', text_html = '" . escs($com_text_html) . "' ". + "WHERE id = $comid");; + header("Location: view-blog-" . $com['post']); + die(); + } +} + +$title = "Edit comment"; +$fields = array( + array("label" => "Comment : ", "name" => "text", "value" => $com_text, "type" => "textarea"), + ); +$validate = "Edit comment"; + +require("tpl/general/form.php"); diff --git a/lib/blog/index.php b/lib/blog/index.php index aaeb969..dd353d3 100644 --- a/lib/blog/index.php +++ b/lib/blog/index.php @@ -1,6 +1,7 @@ <?php -$title = "What people write"; +require ("lib/conf/blog.php"); +$title = $blog_title; $filters = array ( "order" => array ( @@ -39,10 +40,13 @@ function count_in($fat, $v, $d) { $q = "SELECT blog_posts.id AS id, blog_posts.title AS title, blog_posts.date AS date, ". + "UNIX_TIMESTAMP(blog_posts.date) AS date_ts, ". "DATE_FORMAT(blog_posts.date, '%Y-%m') AS month, ". - "blog_posts.text_html AS text_html, GROUP_CONCAT(ba.tag SEPARATOR ', ') AS tags, ". + "blog_posts.text_html AS text_html, GROUP_CONCAT(DISTINCT ba.tag SEPARATOR ', ') AS tags, ". + "COUNT(DISTINCT blog_comments.id) AS comments, ". "account.login AS owner, account.id AS owner_id ". "FROM blog_posts LEFT JOIN account ON blog_posts.owner = account.id ". + "LEFT JOIN blog_comments ON blog_comments.post = blog_posts.id ". "LEFT JOIN blog_tags ba ON ba.post = blog_posts.id ". (isset($fvalues['tag']) ? "LEFT JOIN blog_tags bb ON bb.post = blog_posts.id AND bb.tag = '" . escs($fvalues['tag'])."' " : ""). "WHERE blog_posts.draft = 0 ". @@ -69,4 +73,9 @@ $can_post = ($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0); $can_edit = ($user['priv'] >= $apps['blog']['edit'] && $user['id'] != 0); $can_delete = ($user['priv'] >= $apps['blog']['delete'] && $user['id'] != 0); -require("tpl/blog/index.php"); + +if (isset($fvalues['feed']) && $fvalues['feed'] == "atom") { + require("tpl/blog/atom_feed.php"); +} else { + require("tpl/blog/index.php"); +} diff --git a/lib/blog/view.php b/lib/blog/view.php new file mode 100644 index 0000000..15c4d6e --- /dev/null +++ b/lib/blog/view.php @@ -0,0 +1,39 @@ +<?php + + +assert_redir(count($args) == 3, 'blog'); +$postid = intval($args[2]); + +$post = mysql_fetch_assoc(sql( + "SELECT blog_posts.id AS id, blog_posts.title AS title, blog_posts.date AS date, + blog_posts.text AS text, blog_posts.text_html AS text_html, + blog_posts.draft AS draft, + account.login AS owner, blog_posts.owner AS owner_id, ". + "GROUP_CONCAT(blog_tags.tag SEPARATOR ', ') AS tags ". + "FROM blog_posts LEFT JOIN blog_tags ON blog_tags.post = blog_posts.id ". + "LEFT JOIN account ON blog_posts.owner = account.id ". + "WHERE blog_posts.id = $postid" +)); + +assert_error($post && $post['draft'] == 0, + "This post does not exist."); + +$comments = array(); +$c = sql( + "SELECT blog_comments.id AS id, blog_comments.text_html AS text_html, ". + "blog_comments.owner AS author_id, ". + "blog_comments.date AS date, account.login AS author ". + "FROM blog_comments ". + "LEFT JOIN account ON blog_comments.owner = account.id ". + "WHERE blog_comments.post = $postid ". + "ORDER BY date ASC" + ); +while ($o = mysql_fetch_assoc($c)) $comments[] = $o; + +$can_post = ($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0); +$can_edit = ($user['priv'] >= $apps['blog']['edit'] && $user['id'] != 0); +$can_delete = ($user['priv'] >= $apps['blog']['delete'] && $user['id'] != 0); +$can_comment = ($user['priv'] >= $apps['blog']['comment'] && $user['id'] != 0); +$can_delcom = ($user['priv'] >= $apps['blog']['delcom'] && $user['id'] != 0); + +require("tpl/blog/view.php"); diff --git a/lib/conf/apps.php b/lib/conf/apps.php index b7f3c9d..8afeb2d 100644 --- a/lib/conf/apps.php +++ b/lib/conf/apps.php @@ -37,11 +37,15 @@ $apps = array( // Blogging application "blog" => array( "index" => 0, + "view" => 0, "drafts" => 1, "publish" => 1, "post" => 1, "edit" => 1, "delete" => 1, + "comment" => 1, + "edcom" => 1, + "delcom" => 2, ), // Studies application diff --git a/lib/conf/blog.php b/lib/conf/blog.php new file mode 100644 index 0000000..bb2ef09 --- /dev/null +++ b/lib/conf/blog.php @@ -0,0 +1,8 @@ +<?php + +$blog_title = "What people write"; + +// Used for the ATOM feed generation. +$blog_base_url = "http://localhost/alex.auvolat/"; + + @@ -1,10 +1,10 @@ -- phpMyAdmin SQL Dump --- version 3.4.10.1 +-- version 3.5.0 -- http://www.phpmyadmin.net -- -- Client: localhost --- Généré le : Dim 18 Mars 2012 à 13:58 --- Version du serveur: 5.5.21 +-- Généré le: Ven 13 Avril 2012 à 19:07 +-- Version du serveur: 5.5.22-log -- Version de PHP: 5.3.10 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; @@ -92,6 +92,24 @@ CREATE TABLE IF NOT EXISTS `batch_study` ( -- -------------------------------------------------------- -- +-- Structure de la table `blog_comments` +-- + +CREATE TABLE IF NOT EXISTS `blog_comments` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `post` int(11) NOT NULL, + `owner` int(11) NOT NULL, + `text` text NOT NULL, + `text_html` text NOT NULL, + `date` datetime NOT NULL, + PRIMARY KEY (`id`), + KEY `post` (`post`), + KEY `owner` (`owner`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; + +-- -------------------------------------------------------- + +-- -- Structure de la table `blog_posts` -- diff --git a/tpl/blog/atom_feed.php b/tpl/blog/atom_feed.php new file mode 100644 index 0000000..20dc0ea --- /dev/null +++ b/tpl/blog/atom_feed.php @@ -0,0 +1,37 @@ +<?php +header("Content-Type: application/xml"); + +echo '<?xml version="1.0" encoding="utf-8"?>'."\n"; +echo '<feed xmlns="http://www.w3.org/2005/Atom">'."\n"; +echo '<title>' . $blog_title . '</title>'."\n"; +echo '<id>' . $blog_base_url . "blog". "</id>\n"; +echo '<link href="' . $blog_base_url . "blog". '" rel="self" />' . "\n"; + + +function beginning($text, $len = 500) { + $text = preg_replace('#<.+>#isU', ' ', $text); + if (strlen($text) > $len) { + $text = substr($text, 0, $len)."..."; + } + return $text; +} + +foreach ($posts as $post) { + echo "\n<entry>\n"; + echo '<title>' . $post['title'] . "</title>\n"; + echo '<published>' . @date("c", $post['date_ts']) . "</published>\n"; + echo '<id>' . $blog_base_url . "view-blog-" . $post['id'] . "</id>\n"; + foreach (explode(', ', $post['tags']) as $tag) { + echo '<category term="' . $tag . '" />' . "\n"; + } + echo '<link href="' . $blog_base_url . "view-blog-" . $post['id'] . '" />' . "\n"; + echo '<summary type="html"><![CDATA['. beginning($post['text_html']) .']]></summary>' . "\n"; + echo '<content type="html"><![CDATA['. $post['text_html'] ."]]></content>\n"; + echo "<author><name>".$post['owner']."</name></author>\n"; + echo "</entry>\n"; +} + +echo '</feed>'; + +die(); + diff --git a/tpl/blog/index.php b/tpl/blog/index.php index 07e3388..6d07efa 100644 --- a/tpl/blog/index.php +++ b/tpl/blog/index.php @@ -17,6 +17,7 @@ foreach ($posts as $post) { echo ' | <a href="edit-blog-' . $post['id'] . '">edit</a>'; if ($can_delete && $post['owner_id'] == $user['id']) echo ' | <a href="delete-blog-' . $post['id'] . '">delete</a>'; + echo ' | <a href="view-blog-' . $post['id'] . '">read & comment (' . $post['comments'] . ')</a>'; echo '</div>'; echo '<div class="small_right">published ' . $post['date'] . '</div>'; if ($post['tags'] != '') { @@ -50,4 +51,18 @@ foreach ($fa as $kname => $kdata) { } } +echo "<h1>...</h1>"; +$ze = array(); +foreach ($fvalues as $k => $v) { $ze[] = "$k-$v"; } +$ze[] = "feed-atom"; +$zd = implode("-", $ze); +echo '<ul>'; +if (count($fvalues) > 0) { + echo '<li><a href="index-blog-' . $zd . '">Atom feed for this selection</a></li>'; + echo '<li><a href="index-blog-feed-atom">Homepage Atom feed</a></li>'; +} else { + echo '<li><a href="index-blog-feed-atom">Atom feed</a></li>'; +} +echo '</ul>'; + require("tpl/general/bottom.php"); diff --git a/tpl/blog/view.php b/tpl/blog/view.php new file mode 100644 index 0000000..0f0c89c --- /dev/null +++ b/tpl/blog/view.php @@ -0,0 +1,50 @@ +<?php + +$title = $post['title']; + +require("tpl/general/top.php"); + +echo '<div class="small_right">'; +echo 'Written by ' . $post['owner']; +if ($can_edit && $post['owner_id'] == $user['id']) + echo ' | <a href="edit-blog-' . $post['id'] . '">edit</a>'; +if ($can_delete && $post['owner_id'] == $user['id']) + echo ' | <a href="delete-blog-' . $post['id'] . '">delete</a>'; +if ($can_comment) + echo ' | <a href="comment-blog-' . $post['id'] . '">post comment</a>'; +echo '</div>'; +echo '<div class="small_right">published ' . $post['date'] . '</div>'; +if ($post['tags'] != '') { + echo '<div class="small_right">tags: ' . $post['tags'] . '</div>'; +} +echo $post['text_html']; + +echo '<h2>Comments</h2>'; + +if (count($comments) == 0) { + echo 'No comments at the moment.'; +} else { + foreach ($comments as $comment) { + echo '<div class="blog_post">'; + $a = array(); + if ($can_delcom) $a[] = '<a href="delcom-blog-' . $comment['id'] . '">delete</a>'; + if ($can_comment && $comment['author_id'] == $user['id']) + $a[] = '<a href="edcom-blog-' . $comment['id'] . '">edit</a>'; + if (count($a) > 0) + echo '<div class="small_right">' . implode(" | ", $a) . '</div>'; + + echo '<h3>' . $comment['date'] . ' by ' . $comment['author'] . '</h3>'; + echo '<div class="inside">' . $comment['text_html'] . '</div>'; + echo '</div>'; + } +} + +echo '<h3>Post a comment</h3>'; +if ($can_comment) { + echo '<form class="blog_post" method="POST" action="index.php?p=comment-blog-' . $post['id'] . '"><textarea name="comment" style="height: 200px"></textarea><br /><div class="empty_label"> </div><input type="submit" value="Comment" /></form>'; +} else { + echo 'Please log in or register to post a comment.'; +} + + +require("tpl/general/bottom.php"); |