summary refs log tree commit diff stats
path: root/pages/quotes.php
diff options
context:
space:
mode:
authorStarla Insigna <hatkirby@fourisland.com>2009-08-09 09:14:58 -0400
committerStarla Insigna <hatkirby@fourisland.com>2009-08-09 09:14:58 -0400
commit893957c41481a0cd5eb624096337762ffa54ff28 (patch)
tree09d2487f8add5a6281e3482a471abf21faa4f819 /pages/quotes.php
parentd27a3784c81f0c582e43655509e806978b7e65e4 (diff)
downloadfourisland-893957c41481a0cd5eb624096337762ffa54ff28.tar.gz
fourisland-893957c41481a0cd5eb624096337762ffa54ff28.tar.bz2
fourisland-893957c41481a0cd5eb624096337762ffa54ff28.zip
Created layout 7
The following changes were also made in this revision:

* All HTML was changed to XHTML and a !DOCTYPE was included to reflect this
* Rewrote quotes tracking system to be much less complicated and actually working
* Changed quotes rendering to look more like Chirpy than Rash
* Fixed comment textarea bug
* Rewrote a ton of CSS so it's not as bloated
* Added a JavaScript confirmation when deleting a comment
* AJAXified voting on the POTW
* AJAXified voting and flagging quotes
* AJAXified commenting
* AJAXified voting on posts
* Added DateFinder back after it was accidentally deleted in Layout 4.5

The following database changes must be performed as soon as possible:

* Fix title of NO <!DOCTYPE> post (the &lt; is missing the semicolon)
* Restore post Frasty Tha Snaman from a backup
* Reset "flag" field of all rows in "rash_quotes" to 0
* Remove the "vote" and "flag" columns of "rash_tracking"
* Rename the "quote_id" column of "rash_tracking" to "vote"

The following external code changes must also be performed as soon as possible:

* Add the following line to the end of the // Four Island block in The Fourm's functions.php:
  require('/svr/www/hatkirby/fourisland/main/includes/specialdates.php');
Diffstat (limited to 'pages/quotes.php')
-rwxr-xr-xpages/quotes.php261
1 files changed, 130 insertions, 131 deletions
diff --git a/pages/quotes.php b/pages/quotes.php index 6db3cb0..4e0332f 100755 --- a/pages/quotes.php +++ b/pages/quotes.php
@@ -24,70 +24,92 @@ require('headerproc.php');
24 24
25$pageCategory = 'quotes'; 25$pageCategory = 'quotes';
26 26
27if (isset($_GET['id'])) 27$hatNav = array( array( 'title' => 'Latest',
28 'url' => 'http://fourisland.com/quotes/latest.php',
29 'icon' => '16-star-hot'
30 ),
31 array( 'title' => 'Best',
32 'url' => 'http://fourisland.com/quotes/top.php',
33 'icon' => 'medal_gold_1'
34 ),
35 array( 'title' => 'Worst',
36 'url' => 'http://fourisland.com/quotes/bottom.php',
37 'icon' => '16-message-warn'
38 ),
39 array( 'title' => 'Browse All',
40 'url' => 'http://fourisland.com/quotes/browse.php',
41 'icon' => '16-file-archive'
42 ),
43 array( 'title' => 'Random',
44 'url' => 'http://fourisland.com/quotes/random.php',
45 'icon' => '16-clock'
46 ),
47 array( 'title' => 'Add',
48 'url' => 'http://fourisland.com/quotes/add.php',
49 'icon' => '16-em-pencil'
50 ),
51 array( 'title' => 'Search',
52 'url' => 'http://fourisland.com/quotes/search.php',
53 'icon' => 'book_open'
54 ));
55
56if (isset($_GET['id']) && is_numeric($_GET['id']))
28{ 57{
29 $quote_num = $_GET['id']; 58 $quote_num = $_GET['id'];
30} 59}
31 60
32if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) 61if (isset($_GET['id']) && !(is_numeric($_GET['id'])))
62{
63 generateError('404');
64} else if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest'))
33{ 65{
34 $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY id DESC LIMIT 50"; 66 $query = "SELECT * FROM rash_quotes ORDER BY id DESC LIMIT 50";
35 quote_generation($query, "Latest", -1); 67 quote_generation($query, "Latest", -1);
36} else if ($_GET['act'] == 'add') 68} else if ($_GET['act'] == 'add')
37{ 69{
38 $template = new FITemplate('quotes/add'); 70 $template = new FITemplate('quotes/add');
39 if (isset($_GET['submit'])) 71 if (isset($_GET['submit']))
40 { 72 {
41 $template->adds_block('SUBMITTED',array('QUOTE' => (nl2br(htmlspecialchars($_POST['rash_quote'])) . "\n"))); 73 $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities($_POST['rash_quote']))));
42 if (!isLoggedIn()) 74 if (!isLoggedIn())
43 { 75 {
44 $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; 76 $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")";
45 } else { 77 } else {
46 $today = mktime(date('G'),date('i'),date('s'),date('m'),date('d'),date('Y')); 78 $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . time() . "\")";
47 $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . $today . "\")";
48 } 79 }
49 $insquote2 = mysql_query($insquote); 80 $insquote2 = mysql_query($insquote);
50 } 81 }
51 $template->display(); 82 $template->display();
52} elseif ($_GET['act'] == 'bottom') 83} elseif ($_GET['act'] == 'bottom')
53{ 84{
54 $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating < 0 ORDER BY rating ASC LIMIT 50"; 85 $query = "SELECT * FROM rash_quotes WHERE rating < 0 ORDER BY rating ASC LIMIT 50";
55 quote_generation($query, "Bottom", -1); 86 quote_generation($query, "Bottom", -1);
56} elseif ($_GET['act'] == 'browse') 87} elseif ($_GET['act'] == 'browse')
57{ 88{
58 $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY id ASC "; 89 $query = "SELECT * FROM rash_quotes ORDER BY id ASC ";
59 quote_generation($query, "Browse", (isset($_GET['page']) ? $_GET['page'] : 1), 10, 5); 90 quote_generation($query, "Browse", (isset($_GET['page']) ? $_GET['page'] : 1), 10, 5);
60} elseif ($_GET['act'] == 'flag') 91} elseif ($_GET['act'] == 'flag')
61{ 92{
62 $template = new FITemplate('msg'); 93 $getfla = "SELECT * FROM rash_quotes WHERE id = " . $quote_num . " LIMIT 0,1";
63 $tracking_verdict = user_quote_status('flag', $quote_num, $template); 94 $getfla2 = mysql_query($getfla);
64 if ($tracking_verdict < 3) 95 $getfla3 = mysql_fetch_array($getfla2);
96
97 if ($getfla3['flag'] == 2)
65 { 98 {
66 $getfla = "SELECT flag FROM rash_quotes WHERE id = " . $quote_num . " LIMIT 0,1"; 99 die('0');
67 $getfla2 = mysql_query($getfla); 100 } else {
68 $getfla3 = mysql_fetch_array($getfla2); 101 $setfla = "UPDATE rash_quotes SET flag = 1 WHERE id = " . $quote_num;
102 $setfla2 = mysql_query($setfla);
69 103
70 if ($getfla3['flag'] == 2) 104 die('1');
71 {
72 $template->add('MSG',"This quote has been flagged and rechecked by a moderator already.");
73 } elseif ($getfla3['flag'] == 1)
74 {
75 $template->add('MSG',"This quote is currently pending deletion.");
76 } else {
77 $template->add('MSG',"You have marked this quote for deletion.");
78 $setfla = "UPDATE rash_quotes SET flag = 1 WHERE id = " . $quote_num;
79 $setfla2 = mysql_query($setfla);
80 }
81 } 105 }
82 $template->add('BACK','Quote #' . $quote_num);
83 $template->display();
84} elseif ($_GET['act'] == 'random') 106} elseif ($_GET['act'] == 'random')
85{ 107{
86 $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY rand() LIMIT 50"; 108 $query = "SELECT * FROM rash_quotes ORDER BY rand() LIMIT 50";
87 quote_generation($query, "Random", -1); 109 quote_generation($query, "Random", -1);
88} elseif ($_GET['act'] == 'random2') 110} elseif ($_GET['act'] == 'random2')
89{ 111{
90 $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 1 ORDER BY rand() LIMIT 50"; 112 $query = "SELECT * FROM rash_quotes WHERE rating > 1 ORDER BY rand() LIMIT 50";
91 quote_generation($query, "Random2", -1); 113 quote_generation($query, "Random2", -1);
92} elseif ($_GET['act'] == 'search') 114} elseif ($_GET['act'] == 'search')
93{ 115{
@@ -99,22 +121,24 @@ if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest'))
99 } else { 121 } else {
100 $how = 'asc'; 122 $how = 'asc';
101 } 123 }
102 $getquotes = "SELECT id, quote, rating, flag FROM rash_quotes WHERE quote LIKE \"%" . $_POST['search'] . "%\" ORDER BY " . $_POST['sortby'] . " " . $how . " LIMIT 0," . $_POST['number']; 124 $getquotes = "SELECT * FROM rash_quotes WHERE quote LIKE \"%" . $_POST['search'] . "%\" ORDER BY " . $_POST['sortby'] . " " . $how . " LIMIT 0," . $_POST['number'];
103 quote_generation($getquotes, "Query Results", -1); 125 quote_generation($getquotes, "Query Results", -1);
104 } 126 }
105 $template = new FITemplate('quotes/search'); 127 $template = new FITemplate('quotes/search');
106 $template->display(); 128 $template->display();
107} elseif ($_GET['act'] == 'top') 129} elseif ($_GET['act'] == 'top')
108{ 130{
109 $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 0 ORDER BY rating DESC LIMIT 50"; 131 $query = "SELECT * FROM rash_quotes WHERE rating > 0 ORDER BY rating DESC LIMIT 50";
110 quote_generation($query, "Top", -1); 132 quote_generation($query, "Top", -1);
111} elseif ($_GET['act'] == 'vote') 133} elseif ($_GET['act'] == 'vote')
112{ 134{
113 $template = new FITemplate('msg'); 135 $gettrack = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\"";
114 $tracking_verdict = user_quote_status('vote', $quote_num,$template); 136 $gettrack2 = mysql_query($gettrack);
115 $template->add('BACK','Quote #' . $quote_num); 137 $gettrack3 = mysql_fetch_array($gettrack2);
116 $template->display(); 138
117 if ($tracking_verdict < 3) 139 $trackArr = explode(',',$gettrack3['vote']);
140
141 if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($quote_num,$trackArr) === FALSE))
118 { 142 {
119 if ($_GET['dir'] == "plus") 143 if ($_GET['dir'] == "plus")
120 { 144 {
@@ -125,18 +149,32 @@ if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest'))
125 $setquote = "UPDATE rash_quotes SET rating = rating-1 WHERE id = " . $quote_num; 149 $setquote = "UPDATE rash_quotes SET rating = rating-1 WHERE id = " . $quote_num;
126 $setquote2 = mysql_query($setquote); 150 $setquote2 = mysql_query($setquote);
127 } 151 }
128 }
129} else {
130 if ((is_int($_GET['act']) || ($_GET['act'] != false)) && (verify_int($_GET['act'])))
131 {
132 $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE id = " . $_GET['act'];
133 quote_generation($query, "#" . $_GET['act'], -1);
134 152
135 $page_id = 'quote-' . $_GET['act']; 153 if ($gettrack3['ip'] == $_SERVER['REMOTE_ADDR'])
136 include('includes/comments.php'); 154 {
155 $settrack = "UPDATE rash_tracking SET vote = \"" . $gettrack3['vote'] . "," . $quote_num . "\" WHERE id = " . $gettrack3['id'];
156 } else {
157 $settrack = "INSERT INTO tracking (ip,vote) VALUES (\"" . $_SERVER['REMOTE_ADDR'] . "\",\"" . $quote_num . "\")";
158 }
159 $settrack2 = mysql_query($settrack) or die($settrack);
160
161 $getquote = "SELECT * FROM rash_quotes WHERE id = " . $quote_num;
162 $getquote2 = mysql_query($getquote);
163 $getquote3 = mysql_fetch_array($getquote2);
164
165 die($getquote3['rating']);
137 } else { 166 } else {
138 generateError('404'); 167 die;
139 } 168 }
169} else if (is_numeric($_GET['act']))
170{
171 $query = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act'];
172 quote_generation($query, "#" . $_GET['act'], -1);
173
174 $page_id = 'quote-' . $_GET['act'];
175 include('includes/comments.php');
176} else {
177 generateError('404');
140} 178}
141 179
142function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_limit = 10) 180function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_limit = 10)
@@ -152,13 +190,56 @@ function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_l
152 } 190 }
153 $template->add('ORIGIN',$origin); 191 $template->add('ORIGIN',$origin);
154 192
193 $gettrack = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\"";
194 $gettrack2 = mysql_query($gettrack);
195 $gettrack3 = mysql_fetch_array($gettrack2);
196
197 $trackArr = explode(',',$gettrack3['vote']);
198
155 $getquotes2 = mysql_query($query); 199 $getquotes2 = mysql_query($query);
156 $i=0; 200 $i=0;
157 while ($getquotes3[$i] = mysql_fetch_array($getquotes2)) 201 while ($getquotes3[$i] = mysql_fetch_array($getquotes2))
158 { 202 {
159 $template->adds_block('QUOTES',array( 'NUMBER' => $getquotes3[$i]['id'], 203 if (!isset($curID))
160 'RATING' => $getquotes3[$i]['rating'], 204 {
161 'QUOTE' => parseSmilies(str_replace("\n","<BR>",stripslashes($getquotes3[$i]['quote']))))); 205 $curID = 0;
206 } else {
207 $curID++;
208 }
209
210 $cntcomments = "SELECT COUNT(*) FROM comments WHERE page_id = \"quote-" . $getquotes3[$i]['id'] . "\"";
211 $cntcomments2 = mysql_query($cntcomments);
212 $cntcomments3 = mysql_fetch_array($cntcomments2);
213
214 if ($cntcomments3['COUNT(*)'] == 0)
215 {
216 $comments = '';
217 } else if ($cntcomments3['COUNT(*)'] == 1)
218 {
219 $comments = '1 Comment';
220 } else {
221 $comments = $cntcomments3['COUNT(*)'] . ' Comments';
222 }
223
224 $template->add_ref($curID,'QUOTES',array( 'NUMBER' => $getquotes3[$i]['id'],
225 'RATING' => $getquotes3[$i]['rating'],
226 'DATE' => ($getquotes3[$i]['date'] != 0 ? date('F jS Y \a\\t g:i:s a', $getquotes3[$i]['date']) : ''),
227 'QUOTE' => str_replace("\n","<br />",htmlentities(stripslashes($getquotes3[$i]['quote']))),
228 'COMMENTS' => $comments));
229
230 if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($getquotes3[$i]['id'],$trackArr) === FALSE))
231 {
232 $template->adds_ref_sub($curID, 'CANVOTE', array('exi'=>1));
233 } else {
234 $template->adds_ref_sub($curID, 'NOVOTE', array('exi'=>1));
235 }
236
237 if ($getquotes3[$i]['flag'] == 0)
238 {
239 $template->adds_ref_sub($curID, 'CANFLAG', array('exi'=>1));
240 } else {
241 $template->adds_ref_sub($curID, 'NOFLAG', array('exi'=>1));
242 }
162 243
163 $i++; 244 $i++;
164 } 245 }
@@ -170,7 +251,7 @@ function page_numbers($template, $origin, $quote_limit, $page_default, $page_lim
170{ 251{
171 $numrows = countRows('rash_quotes'); 252 $numrows = countRows('rash_quotes');
172 $testrows = $numrows; 253 $testrows = $numrows;
173 $pagenum = (($testrows + 1) / ($quote_limit > 0 ? $quote_limit : 1)); 254 $pagenum = floor(($testrows + 1) / ($quote_limit > 0 ? $quote_limit : 1));
174 255
175 if (($page_limit % 2)) 256 if (($page_limit % 2))
176 { 257 {
@@ -227,86 +308,4 @@ function page_numbers($template, $origin, $quote_limit, $page_default, $page_lim
227 $template->add('LASTPAGE',$pagenum); 308 $template->add('LASTPAGE',$pagenum);
228} 309}
229 310
230function user_quote_status($where, $quote_num, $template)
231{
232 $tracking_verdict = ip_track($where, $quote_num);
233 if ($where != 'flag')
234 {
235 switch ($tracking_verdict)
236 {
237 case 1:
238 $template->add('TRACKING',"Quote has been modified, and data of your action has been recorded in the database.");
239 break;
240 case 2:
241 $template->add('TRACKING',"Quote has been modified, your IP has been logged, and data of your action has been recorded in the database.");
242 break;
243 case 3:
244 $template->add('TRACKING',"You have already voted on this quote, please try again later.");
245 break;
246 }
247 }
248 return $tracking_verdict;
249}
250
251function ip_track($where, $quote_num)
252{
253 switch ($where)
254 {
255 case 'flag':
256 $where2 = 'vote';
257 break;
258 case 'vote':
259 $where2 = 'flag';
260 break;
261 }
262
263 $getip = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\"";
264 $getip2 = mysql_query($getip);
265 $getip3 = mysql_fetch_array($getip2);
266
267 if ($getip3['ip'] == $_SERVER['REMOTE_ADDR'])
268 {
269 $quote_array = explode(",", $getip3['quote_id']);
270 $quote_place = array_search($quote_num, $quote_array);
271 if (in_array($quote_num, $quote_array))
272 {
273 $where_result = explode(",", $getip3[$where]);
274 if (!isset($where_result[$quote_place]))
275 {
276 $where_result[$quote_place] = 1;
277 $where_result = implode(",", $where_result);
278 $setip = "UPDATE rash_tracking SET " . $where . " = \"" . $where_result . "\" WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\"";
279 $setip2 = mysql_query($getip);
280 return 1;
281 } else {
282 return 3;
283 }
284 } else {
285 $setip = "UPDATE rash_tracking SET " . $where . " = CONCAT(" . $where . ",\",1\"), " . $where2 . " = CONCAT(" . $where2 . ",\",0\"), quote_id = CONCAT(quote_id,\"," . $quote_num . "\") WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\"";
286 $setip2 = mysql_query($setip);
287 return 1;
288 }
289 } else {
290 $insip = "INSERT INTO rash_tracking (ip, quote_id, " . $where . ", " . $where2 . ") VALUES (\"" . $_SERVER['REMOTE_ADDR'] . "\", \"" . $quote_num . "\", 1, 0)";
291 $insip2 = mysql_query($insip);
292 return 2;
293 }
294}
295
296function verify_int($subject)
297{
298 $ymax = strlen($subject);
299 $y = 0;
300 while($y < $ymax)
301 {
302 if ((is_int((int)($subject{$y})) && (int)($subject{$y})) || (int)($subject{$y}) === 0 )
303 {
304 $y++;
305 } else {
306 return false;
307 }
308 }
309 return true;
310}
311
312?> 311?>