authorStarla Insigna <starla4444@gmail.com>2011-02-20 07:30:35 -0500
committerStarla Insigna <starla4444@gmail.com>2011-02-20 07:30:35 -0500
commit87b42536198dfab02de616f9ba1e68ea307cce90 (patch)
treea595f2b988cf935a2caaa8dee51b81d5ce001a59
parenta4976f966f0de5abc11235e8decb760ad79ecad1 (diff)
Disabled anonymous submission of quotes
A blog post explaining why will be posted soon.
-rwxr-xr-xpages/quotes.php7
-rwxr-xr-xtheme/quotes/add.tpl4
2 files changed, 8 insertions, 3 deletions
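--- a/pages/quotes.php
+++ b/pages/quotes.php
@@ -70,14 +70,15 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id'])))
  $template = new FITemplate('quotes/add');
  if (isset($_GET['submit']))
  {
- $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlspecialchars($_POST['rash_quote']))));
  if (!isLoggedIn())
  {
- $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")";
+ $template->adds_block('ERROR', array('exi'=>1));
  } else {
  $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . time() . "\")";
+ $insquote2 = mysql_query($insquote);
+
+ $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlspecialchars($_POST['rash_quote']))));
  }
- $insquote2 = mysql_query($insquote);
  }
  $template->display();
 } elseif ($_GET['act'] == 'bottom')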
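Review bot: On new lines 77-80 the result stored in `$insquote2` is not checked anywhere in the visible lines, so the SUBMITTED block is rendered even when `mysql_query()` returns false, and `$_POST['rash_quote']` is used without confirming it is set or non-empty. A guard such as `if (!isset($_POST['rash_quote']) || trim($_POST['rash_quote']) === '')` ahead of the query, plus showing SUBMITTED only `if ($insquote2 !== false)`, would cover both cases. The logged-in path stores the quote without `htmlspecialchars()`, whereas the removed anonymous path escaped before storing, so every page that prints rows from `rash_quotes` has to escape on output; that display code is outside this hunk and should be confirmed. With anonymous submission gone, `isLoggedIn()` is the only gate and accepted quotes skip `rash_queue`, so the spam control is presumably only as strong as account registration. The enclosing `if`/`elseif` chain starts and ends outside the hunk.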
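--- a/theme/quotes/add.tpl
+++ b/theme/quotes/add.tpl
@@ -9,6 +9,10 @@
  Also, there is no need to press the submit button again. You're quote has already been sent.</p>
 <!--END SUBMITTED-->
 
+<!--BEGIN ERROR-->
+ <p class="light-at-night">Sorry, for the time being, because of the massive problem we are having with spam, anonymous submission of quotes is disabled. If you have an account, you can still log in and submit a quote.</p>
+<!--END ERROR-->
+
 <form action="/quotes/add.php?submit=" method="POST">
  <textarea cols="80" rows="5" name="rash_quote"></textarea><br />
  <input type="submit" value="Add Quote!" />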