diff options
| author | Starla Insigna <hatkirby@fourisland.com> | 2009-01-05 18:33:23 -0500 |
|---|---|---|
| committer | Starla Insigna <hatkirby@fourisland.com> | 2009-01-05 18:33:23 -0500 |
| commit | 9ba37f4643f825052c002bda16884ccc73f57ebc (patch) | |
| tree | 08379f2959d3c403012340daec008295d797c514 | |
| parent | 36879e223fa97ab0f354bd86af3e53c11b06b7b6 (diff) | |
| download | fourisland-9ba37f4643f825052c002bda16884ccc73f57ebc.tar.gz fourisland-9ba37f4643f825052c002bda16884ccc73f57ebc.tar.bz2 fourisland-9ba37f4643f825052c002bda16884ccc73f57ebc.zip | |
Improved anonymous commenting
There was a bug where, if an anonymous commenter used a username that was being used by an actual member, Four Island would think the anonymous commentor was actually the member.
| -rwxr-xr-x | includes/comments.php | 13 | ||||
| -rwxr-xr-x | includes/footer.php | 65 | ||||
| -rwxr-xr-x | pages/admin.php | 8 | ||||
| -rwxr-xr-x | pages/post.php | 4 |
4 files changed, 37 insertions, 53 deletions
| diff --git a/includes/comments.php b/includes/comments.php index d405279..f1b8228 100755 --- a/includes/comments.php +++ b/includes/comments.php | |||
| @@ -43,16 +43,17 @@ $getcomments2 = mysql_query($getcomments) or die($getcomments); | |||
| 43 | $i=0; | 43 | $i=0; |
| 44 | while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | 44 | while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) |
| 45 | { | 45 | { |
| 46 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 46 | if ($getcomments3[$i]['is_anon'] == 0) |
| 47 | $getuser2 = mysql_query($getuser); | ||
| 48 | $getuser3 = mysql_fetch_array($getuser2); | ||
| 49 | |||
| 50 | if ($getuser3['username'] == $getcomments3[$i]['username']) | ||
| 51 | { | 47 | { |
| 48 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | ||
| 49 | $getuser2 = mysql_query($getuser); | ||
| 50 | $getuser3 = mysql_fetch_array($getuser2); | ||
| 51 | |||
| 52 | $username = $getuser3['username']; | 52 | $username = $getuser3['username']; |
| 53 | $email = $getuser3['user_email']; | 53 | $email = $getuser3['user_email']; |
| 54 | $website = $getuser3['user_website']; | 54 | $website = $getuser3['user_website']; |
| 55 | } else { | 55 | } else if ($getcomments3[$i]['is_anon'] == 1) |
| 56 | { | ||
| 56 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 57 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; |
| 57 | $getanon2 = mysql_query($getanon); | 58 | $getanon2 = mysql_query($getanon); |
| 58 | $getanon3 = mysql_fetch_array($getanon2); | 59 | $getanon3 = mysql_fetch_array($getanon2); |
| diff --git a/includes/footer.php b/includes/footer.php index 0a93ae9..77d161b 100755 --- a/includes/footer.php +++ b/includes/footer.php | |||
| @@ -93,26 +93,26 @@ if (!isset($noRightbar)) | |||
| 93 | $i=0; | 93 | $i=0; |
| 94 | while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | 94 | while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) |
| 95 | { | 95 | { |
| 96 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 96 | if ($getcomments3[$i]['is_anon'] == 0) |
| 97 | $getuser2 = mysql_query($getuser); | 97 | { |
| 98 | $getuser3 = mysql_fetch_array($getuser2); | 98 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; |
| 99 | 99 | $getuser2 = mysql_query($getuser); | |
| 100 | if ($getuser3['username'] == $getcomments3[$i]['username']) | 100 | $getuser3 = mysql_fetch_array($getuser2); |
| 101 | { | 101 | |
| 102 | $username = $getuser3['username']; | 102 | $username = $getuser3['username']; |
| 103 | $website = $getuser3['user_website']; | 103 | $website = $getuser3['user_website']; |
| 104 | } else { | 104 | } else if ($getcomments3[$i]['is_anon'] == 1) |
| 105 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 105 | { |
| 106 | $getanon2 = mysql_query($getanon); | 106 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; |
| 107 | $getanon3 = mysql_fetch_array($getanon2); | 107 | $getanon2 = mysql_query($getanon); |
| 108 | 108 | $getanon3 = mysql_fetch_array($getanon2); | |
| 109 | if ($getanon3['username'] == $getcomments3[$i]['username']) | 109 | |
| 110 | { | 110 | if ($getanon3['username'] == $getcomments3[$i]['username']) |
| 111 | $username = $getanon3['username'] . ' (Guest)'; | 111 | { |
| 112 | $website = $getanon3['website']; | 112 | $username = $getanon3['username'] . ' (Guest)'; |
| 113 | } | 113 | $website = $getanon3['website']; |
| 114 | } | 114 | } |
| 115 | 115 | } | |
| 116 | 116 | ||
| 117 | if (strpos($getcomments3[$i]['page_id'], 'updates') !== FALSE) | 117 | if (strpos($getcomments3[$i]['page_id'], 'updates') !== FALSE) |
| 118 | { | 118 | { |
| @@ -142,7 +142,7 @@ if (!isset($noRightbar)) | |||
| 142 | } | 142 | } |
| 143 | 143 | ||
| 144 | $users = array(); | 144 | $users = array(); |
| 145 | $getusers = "SELECT DISTINCT username FROM comments"; | 145 | $getusers = "SELECT DISTINCT username FROM comments WHERE is_anon = 0"; |
| 146 | $getusers2 = mysql_query($getusers); | 146 | $getusers2 = mysql_query($getusers); |
| 147 | $i=0; | 147 | $i=0; |
| 148 | while ($getusers3[$i] = mysql_fetch_array($getusers2)) | 148 | while ($getusers3[$i] = mysql_fetch_array($getusers2)) |
| @@ -151,25 +151,12 @@ if (!isset($noRightbar)) | |||
| 151 | $getcount2 = mysql_query($getcount); | 151 | $getcount2 = mysql_query($getcount); |
| 152 | $getcount3 = mysql_fetch_array($getcount2); | 152 | $getcount3 = mysql_fetch_array($getcount2); |
| 153 | 153 | ||
| 154 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getusers3[$i]['username'] . "\""; | 154 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getusers3[$i]['username'] . "\""; |
| 155 | $getuser2 = mysql_query($getuser); | 155 | $getuser2 = mysql_query($getuser); |
| 156 | $getuser3 = mysql_fetch_array($getuser2); | 156 | $getuser3 = mysql_fetch_array($getuser2); |
| 157 | |||
| 158 | if ($getuser3['username'] == $getusers3[$i]['username']) | ||
| 159 | { | ||
| 160 | $username = $getuser3['username']; | ||
| 161 | $website = $getuser3['user_website']; | ||
| 162 | } else { | ||
| 163 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getusers3[$i]['username'] . "\""; | ||
| 164 | $getanon2 = mysql_query($getanon); | ||
| 165 | $getanon3 = mysql_fetch_array($getanon2); | ||
| 166 | 157 | ||
| 167 | if ($getanon3['username'] == $getusers3[$i]['username']) | 158 | $username = $getuser3['username']; |
| 168 | { | 159 | $website = $getuser3['user_website']; |
| 169 | $username = $getanon3['username'] . ' (Guest)'; | ||
| 170 | $website = $getanon3['website']; | ||
| 171 | } | ||
| 172 | } | ||
| 173 | 160 | ||
| 174 | $name = (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username); | 161 | $name = (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username); |
| 175 | $users[] = array('name' => $name, 'count' => $getcount3['COUNT(*)']); | 162 | $users[] = array('name' => $name, 'count' => $getcount3['COUNT(*)']); |
| diff --git a/pages/admin.php b/pages/admin.php index 60bc73d..fda03c3 100755 --- a/pages/admin.php +++ b/pages/admin.php | |||
| @@ -539,14 +539,10 @@ if (isLoggedIn()) | |||
| 539 | 539 | ||
| 540 | if ($getcomment3['id'] == $_GET['id']) | 540 | if ($getcomment3['id'] == $_GET['id']) |
| 541 | { | 541 | { |
| 542 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomment3['author'] . "\""; | ||
| 543 | $getuser2 = mysql_query($getuser); | ||
| 544 | $getuser3 = mysql_fetch_array($getuser2); | ||
| 545 | |||
| 546 | $template = new FITemplate('admin/viewComment'); | 542 | $template = new FITemplate('admin/viewComment'); |
| 547 | $template->add('ID', $_GET['id']); | 543 | $template->add('ID', $_GET['id']); |
| 548 | $template->add('USERNAME', $getcomment3['author']); | 544 | $template->add('USERNAME', $getcomment3['author']); |
| 549 | $template->add('CODEDEMAIL', md5(strtolower($getuser3['user_email']))); | 545 | $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email']))); |
| 550 | $template->add('TEXT', parseText($getcomment3['comment'])); | 546 | $template->add('TEXT', parseText($getcomment3['comment'])); |
| 551 | $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); | 547 | $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); |
| 552 | } else { | 548 | } else { |
| @@ -567,7 +563,7 @@ if (isLoggedIn()) | |||
| 567 | $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")"; | 563 | $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")"; |
| 568 | $insanon2 = mysql_query($insanon); | 564 | $insanon2 = mysql_query($insanon); |
| 569 | 565 | ||
| 570 | $inscomment = "INSERT INTO comments (page_id,username,comment) VALUES (\"" . $getcomment3['page_id'] . "\",\"" . $getcomment3['author'] . "\",\"" . $getcomment3['comment'] . "\")"; | 566 | $inscomment = "INSERT INTO comments (page_id,username,comment,is_anon) VALUES (\"" . $getcomment3['page_id'] . "\",\"" . $getcomment3['author'] . "\",\"" . $getcomment3['comment'] . "\",1)"; |
| 571 | $inscomment2 = mysql_query($inscomment); | 567 | $inscomment2 = mysql_query($inscomment); |
| 572 | 568 | ||
| 573 | $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; | 569 | $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; |
| diff --git a/pages/post.php b/pages/post.php index 48239cf..7d6dd08 100755 --- a/pages/post.php +++ b/pages/post.php | |||
| @@ -56,7 +56,7 @@ if (!isset($_GET['id'])) | |||
| 56 | { | 56 | { |
| 57 | if ($getanon3['email'] == $_POST['email']) | 57 | if ($getanon3['email'] == $_POST['email']) |
| 58 | { | 58 | { |
| 59 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . $_POST['username'] . "\", comment = \"" . $_POST['comment'] . "\""; | 59 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . $_POST['username'] . "\", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; |
| 60 | $setcomment2 = mysql_query($setcomment); | 60 | $setcomment2 = mysql_query($setcomment); |
| 61 | 61 | ||
| 62 | $page_id = $_GET['id']; | 62 | $page_id = $_GET['id']; |
| @@ -84,7 +84,7 @@ if (!isset($_GET['id'])) | |||
| 84 | } | 84 | } |
| 85 | } | 85 | } |
| 86 | } else { | 86 | } else { |
| 87 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . getSessionUsername() . "\", comment = \"" . $_POST['comment'] . "\""; | 87 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . getSessionUsername() . "\", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; |
| 88 | $setcomment2 = mysql_query($setcomment); | 88 | $setcomment2 = mysql_query($setcomment); |
| 89 | 89 | ||
| 90 | mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); | 90 | mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); |