Diffstat (limited to 'pages')
-rwxr-xr-x | pages/admin.php | 13 | ||||
-rwxr-xr-x | pages/blog.php | 23 | ||||
-rwxr-xr-x | pages/holidates.php | 35 | ||||
-rw-r--r-- | pages/poll-results.php | 54 | ||||
-rwxr-xr-x | pages/poll.php | 29 | ||||
-rwxr-xr-x | pages/post.php | 103 | ||||
-rwxr-xr-x | pages/quotes.php | 261 | ||||
-rwxr-xr-x | pages/vote.php | 42 | ||||
-rwxr-xr-x | pages/welcome.php | 22 |
9 files changed, 339 insertions, 243 deletions
diff --git a/pages/admin.php b/pages/admin.php index 12a2d01..326cbdd 100755 --- a/pages/admin.php +++ b/pages/admin.php | |||
@@ -233,7 +233,7 @@ if (isLoggedIn()) | |||
233 | $template->adds_block('INTERNAL',array('exi'=>1)); | 233 | $template->adds_block('INTERNAL',array('exi'=>1)); |
234 | $template->add_ref(0, 'POST', array( 'ID' => $getdraft3['id'], | 234 | $template->add_ref(0, 'POST', array( 'ID' => $getdraft3['id'], |
235 | 'YEARID' => ((date('Y')-2006) % 4), | 235 | 'YEARID' => ((date('Y')-2006) % 4), |
236 | 'DATE' => date('F dS Y \a\\t g:i:s a'), | 236 | 'DATE' => date('F jS Y \a\\t g:i:s a'), |
237 | 'MONTH' => date('M'), | 237 | 'MONTH' => date('M'), |
238 | 'DAY' => date('d'), | 238 | 'DAY' => date('d'), |
239 | 'CODED' => $getdraft3['slug'], | 239 | 'CODED' => $getdraft3['slug'], |
@@ -335,7 +335,7 @@ if (isLoggedIn()) | |||
335 | $template->adds_block('INTERNAL',array('exi'=>1)); | 335 | $template->adds_block('INTERNAL',array('exi'=>1)); |
336 | $template->add_ref(0, 'POST', array( 'ID' => $getpending3['id'], | 336 | $template->add_ref(0, 'POST', array( 'ID' => $getpending3['id'], |
337 | 'YEARID' => ((date('Y')-2006) % 4), | 337 | 'YEARID' => ((date('Y')-2006) % 4), |
338 | 'DATE' => date('F dS Y \a\\t g:i:s a'), | 338 | 'DATE' => date('F jS Y \a\\t g:i:s a'), |
339 | 'MONTH' => date('M'), | 339 | 'MONTH' => date('M'), |
340 | 'DAY' => date('d'), | 340 | 'DAY' => date('d'), |
341 | 'CODED' => $getpending3['slug'], | 341 | 'CODED' => $getpending3['slug'], |
@@ -544,7 +544,7 @@ if (isLoggedIn()) | |||
544 | $template->add('USERNAME', $getcomment3['author']); | 544 | $template->add('USERNAME', $getcomment3['author']); |
545 | $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email']))); | 545 | $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email']))); |
546 | $template->add('TEXT', parseText($getcomment3['comment'])); | 546 | $template->add('TEXT', parseText($getcomment3['comment'])); |
547 | $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); | 547 | $template->add('DATE', date("F jS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); |
548 | } else { | 548 | } else { |
549 | $template = new FITemplate('msg'); | 549 | $template = new FITemplate('msg'); |
550 | $template->add('BACK', 'the previous page'); | 550 | $template->add('BACK', 'the previous page'); |
@@ -649,8 +649,7 @@ if (isLoggedIn()) | |||
649 | { | 649 | { |
650 | if (isset($_GET['approve'])) | 650 | if (isset($_GET['approve'])) |
651 | { | 651 | { |
652 | $today = mktime(date('G'),date('i'),date('s'),date('m'),date('d'),date('Y')); | 652 | $insquote = "INSERT INTO rash_quotes (quote,date) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\",\"" . time() . "\")"; |
653 | $insquote = "INSERT INTO rash_quotes (quote,date) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\",\"" . $today . "\")"; | ||
654 | $insquote2 = mysql_query($insquote); | 653 | $insquote2 = mysql_query($insquote); |
655 | 654 | ||
656 | $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id']; | 655 | $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id']; |
@@ -721,9 +720,9 @@ if (isLoggedIn()) | |||
721 | $getconfig3 = mysql_fetch_array($getconfig2); | 720 | $getconfig3 = mysql_fetch_array($getconfig2); |
722 | if ($getconfig3['value'] == '1') | 721 | if ($getconfig3['value'] == '1') |
723 | { | 722 | { |
724 | $template->add('ON', ' CHECKED="CHECKED"'); | 723 | $template->add('ON', ' checked="checked"'); |
725 | } else { | 724 | } else { |
726 | $template->add('OFF', ' CHECKED="CHECKED"'); | 725 | $template->add('OFF', ' checked="checked"'); |
727 | } | 726 | } |
728 | } | 727 | } |
729 | } else { | 728 | } else { |
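Review bot: In the approve branch (old line 656, new line 655) the `DELETE FROM rash_queue WHERE id = ` query appends `$_GET['id']` unquoted and unescaped, although the INSERT just above it escapes its value with mysql_real_escape_string(); an integer cast, `$delpending = "DELETE FROM rash_queue WHERE id = " . (int) $_GET['id'];`, closes that gap. The approval is also driven by a plain GET parameter, so unless a token is checked outside the visible lines, any link or image loaded by a logged-in admin would approve a quote; moving the action to POST with a per-session token is worth considering. The enclosing `if (isLoggedIn())` block starts and ends outside the hunks shown.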
diff --git a/pages/blog.php b/pages/blog.php index a03d3b1..c9781ee 100755 --- a/pages/blog.php +++ b/pages/blog.php | |||
@@ -27,7 +27,7 @@ if ((strpos($_SERVER['REQUEST_URI'],'index.php')) && (isset($_GET['post']))) | |||
27 | header('Location: /blog/' . $_GET['post'] . '/'); | 27 | header('Location: /blog/' . $_GET['post'] . '/'); |
28 | } | 28 | } |
29 | 29 | ||
30 | $pageCategory = 'home'; | 30 | $pageCategory = 'blog'; |
31 | $pageAID = 'archive'; | 31 | $pageAID = 'archive'; |
32 | 32 | ||
33 | if (isset($_GET['post'])) | 33 | if (isset($_GET['post'])) |
@@ -65,7 +65,7 @@ if (isset($_GET['post'])) | |||
65 | 65 | ||
66 | $template->add_ref(0, 'POST', array( 'ID' => $getpost3['id'], | 66 | $template->add_ref(0, 'POST', array( 'ID' => $getpost3['id'], |
67 | 'YEARID' => ((date('Y',strtotime($getpost3['pubDate']))-2006) % 4), | 67 | 'YEARID' => ((date('Y',strtotime($getpost3['pubDate']))-2006) % 4), |
68 | 'DATE' => date('F dS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])), | 68 | 'DATE' => date('F jS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])), |
69 | 'MONTH' => date('M',strtotime($getpost3['pubDate'])), | 69 | 'MONTH' => date('M',strtotime($getpost3['pubDate'])), |
70 | 'DAY' => date('d',strtotime($getpost3['pubDate'])), | 70 | 'DAY' => date('d',strtotime($getpost3['pubDate'])), |
71 | 'CODED' => $getpost3['slug'], | 71 | 'CODED' => $getpost3['slug'], |
@@ -80,6 +80,19 @@ if (isset($_GET['post'])) | |||
80 | $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); | 80 | $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); |
81 | } | 81 | } |
82 | 82 | ||
83 | $gettrack = "SELECT * FROM tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
84 | $gettrack2 = mysql_query($gettrack); | ||
85 | $gettrack3 = mysql_fetch_array($gettrack2); | ||
86 | |||
87 | $trackArr = explode(',',$gettrack3['rating']); | ||
88 | |||
89 | if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($getpost3['id'],$trackArr) === FALSE)) | ||
90 | { | ||
91 | $template->adds_ref_sub(0, 'CANVOTE', array('exi'=>1)); | ||
92 | } else { | ||
93 | $template->adds_ref_sub(0, 'NOVOTE', array('exi'=>1)); | ||
94 | } | ||
95 | |||
83 | $template->display(); | 96 | $template->display(); |
84 | 97 | ||
85 | $getpings = "SELECT * FROM pingbacks WHERE post_id = " . $getpost3['id']; | 98 | $getpings = "SELECT * FROM pingbacks WHERE post_id = " . $getpost3['id']; |
@@ -93,8 +106,8 @@ if (isset($_GET['post'])) | |||
93 | } | 106 | } |
94 | 107 | ||
95 | $template->adds_block('PINGBACK', array( 'TITLE' => $getpings3[$i]['title'], | 108 | $template->adds_block('PINGBACK', array( 'TITLE' => $getpings3[$i]['title'], |
96 | 'URL' => $getpings3[$i]['url'], | 109 | 'URL' => htmlspecialchars($getpings3[$i]['url']), |
97 | 'DATE' => date('F d<\S\U\P>S</\S\U\P> Y', strtotime($getpings3[$i]['pubDate'])))); | 110 | 'DATE' => date('F jS Y', strtotime($getpings3[$i]['pubDate'])))); |
98 | $i++; | 111 | $i++; |
99 | } | 112 | } |
100 | 113 | ||
@@ -124,7 +137,7 @@ if (isset($_GET['post'])) | |||
124 | { | 137 | { |
125 | $template->adds_block('BIO', array( 'TEXT' => $getbio3['text'], | 138 | $template->adds_block('BIO', array( 'TEXT' => $getbio3['text'], |
126 | 'USERNAME' => $getbio3['username'], | 139 | 'USERNAME' => $getbio3['username'], |
127 | 'DATE' => date('F dS Y \a\\t g:i:s a',strtotime($getbio3['lastUpdated'])))); | 140 | 'DATE' => date('F jS Y \a\\t g:i:s a',strtotime($getbio3['lastUpdated'])))); |
128 | } | 141 | } |
129 | } elseif (isset($_GET['tag'])) | 142 | } elseif (isset($_GET['tag'])) |
130 | { | 143 | { |
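Review bot: The PINGBACK block now escapes `URL` with htmlspecialchars() but still passes `'TITLE' => $getpings3[$i]['title']` through as stored (new line 108); pingback titles presumably originate from remote sites, so unless they are escaped on insert or by the template they need the same treatment, `'TITLE' => htmlspecialchars($getpings3[$i]['title']),`. htmlspecialchars() on the URL does not restrict its scheme, so if the template places the value in an `href`, checking that it begins with `http://` or `https://` before display would be a useful addition. In the new vote-tracking lines, `$gettrack3` is false when the address has no row, so `$gettrack3['rating']` is read from a non-array; testing `$gettrack3 !== false` first would make the CANVOTE branch explicit.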
diff --git a/pages/holidates.php b/pages/holidates.php index 29b0ca4..e5d8860 100755 --- a/pages/holidates.php +++ b/pages/holidates.php | |||
@@ -1,10 +1,39 @@ | |||
1 | <TABLE WIDTH="100%" CLASS="webmail"><TR><TH>ID</TH><TH>Date</TH><TH>Holidate</TH></TR><?php | 1 | <?php |
2 | /* | ||
3 | 444444444 | ||
4 | 4::::::::4 | ||
5 | 4:::::::::4 | ||
6 | 4::::44::::4 | ||
7 | 4::::4 4::::4 Four Island | ||
8 | 4::::4 4::::4 | ||
9 | 4::::4 4::::4 Written and maintained by Starla Insigna | ||
10 | 4::::444444::::444 | ||
11 | 4::::::::::::::::4 header.inc | ||
12 | 4444444444:::::444 | ||
13 | 4::::4 Please do not use, reproduce or steal the | ||
14 | 4::::4 contents of this file without explicit | ||
15 | 4::::4 permission from Hatkirby. | ||
16 | 44::::::44 | ||
17 | 4::::::::4 | ||
18 | 4444444444 | ||
19 | */ | ||
20 | |||
21 | if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} | ||
22 | |||
23 | require('headerproc.php'); | ||
24 | |||
25 | $template = new FITemplate('holidates'); | ||
2 | 26 | ||
3 | foreach ($specialdates as $num => $val) | 27 | foreach ($specialdates as $num => $val) |
4 | { | 28 | { |
5 | $date = sd_clearDate(); | 29 | $date = sd_clearDate(); |
6 | $date += ($num*60*60*24); | 30 | $date += ($num*60*60*24); |
7 | echo('<TR' . (($num % 2 == 0) ? ' CLASS="even"' : '') . '><TD>' . $num . '</TD><TD>' . date('F jS',$date) . '</TD><TD>' . $val . '</TD></TR>'); | 31 | $template->adds_block('DATE', array( 'EVEN' => (($num % 2 == 0) ? ' CLASS="even"' : ''), |
32 | 'NUM' => $num, | ||
33 | 'DATE' => date('F jS', $date), | ||
34 | 'TEXT' => $val)); | ||
8 | } | 35 | } |
9 | 36 | ||
10 | ?></TABLE> | 37 | $template->display(); |
38 | |||
39 | ?> | ||
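Review bot: The banner comment added at the top names the file `header.inc`, while the new pages/poll-results.php in the same commit carries its own path; it should read `pages/holidates.php`. The `EVEN` value still emits `' CLASS="even"'` although pages/poll.php was switched to lowercase `class="even"` in this commit, so the two row stripes now differ in attribute case. `$specialdates` and `sd_clearDate()` are not defined in the visible lines and presumably come from headerproc.php; a one-line comment such as `// $specialdates and sd_clearDate() are provided by headerproc.php` would help now that the page bootstraps itself.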
diff --git a/pages/poll-results.php b/pages/poll-results.php new file mode 100644 index 0000000..e829e53 --- /dev/null +++ b/pages/poll-results.php | |||
@@ -0,0 +1,54 @@ | |||
1 | <?php | ||
2 | /* | ||
3 | 444444444 | ||
4 | 4::::::::4 | ||
5 | 4:::::::::4 | ||
6 | 4::::44::::4 | ||
7 | 4::::4 4::::4 Four Island | ||
8 | 4::::4 4::::4 | ||
9 | 4::::4 4::::4 Written and maintained by Starla Insigna | ||
10 | 4::::444444::::444 | ||
11 | 4::::::::::::::::4 pages/poll-results.php | ||
12 | 4444444444:::::444 | ||
13 | 4::::4 Please do not use, reproduce or steal the | ||
14 | 4::::4 contents of this file without explicit | ||
15 | 4::::4 permission from Hatkirby. | ||
16 | 44::::::44 | ||
17 | 4::::::::4 | ||
18 | 4444444444 | ||
19 | */ | ||
20 | |||
21 | if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} | ||
22 | |||
23 | require('headerproc.php'); | ||
24 | |||
25 | if ((isset($_GET['id'])) && (is_numeric($_GET['id'])) && ($_GET['id'] >= 1) && ($_GET['id'] <= 4)) | ||
26 | { | ||
27 | if (isLoggedIn()) | ||
28 | { | ||
29 | $getip = "SELECT * FROM didpollalready WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
30 | $getip2 = mysql_query($getip); | ||
31 | $getip3 = mysql_fetch_array($getip2); | ||
32 | |||
33 | if ($getip3['ip'] != $_SERVER['REMOTE_ADDR']) | ||
34 | { | ||
35 | $setip = "INSERT INTO didpollalready SET ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
36 | $setip2 = mysql_query($setip); | ||
37 | $getpoll = "SELECT * FROM polloftheweek ORDER BY id DESC LIMIT 0,1"; | ||
38 | $getpoll2 = mysql_query($getpoll); | ||
39 | $getpoll3 = mysql_fetch_array($getpoll2); | ||
40 | $setpoll = "UPDATE polloftheweek SET clicks" . $_GET['id'] . " = " . ($getpoll3['clicks' . $_GET['id']]+1) . " WHERE id = " . $getpoll3['id']; | ||
41 | $setpoll2 = mysql_query($setpoll); | ||
42 | |||
43 | die(getPollOfTheWeek()); | ||
44 | } else { | ||
45 | generateError('404'); | ||
46 | } | ||
47 | } else { | ||
48 | generateError('404'); | ||
49 | } | ||
50 | } else { | ||
51 | generateError('404'); | ||
52 | } | ||
53 | |||
54 | ?> | ||
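Review bot: `is_numeric($_GET['id'])` on new line 25 accepts values such as `1.5` or `1e0` that still pass the 1–4 range test, and the raw string is then spliced into a column name on line 40 (`clicks1.5`), so the UPDATE fails after the address has already been recorded in didpollalready. Normalising first with a `ctype_digit()` check and `$opt = (int) $_GET['id'];`, then incrementing in SQL, `"UPDATE polloftheweek SET clicks" . $opt . " = clicks" . $opt . " + 1 WHERE id = " . (int) $getpoll3['id']`, avoids both the malformed column and the lost update from the read-then-write on line 40. The vote is cast by a GET request, so unless a token is checked elsewhere, any page a logged-in user loads can cast it for them; POST plus a session token would address that. None of the mysql_query() results are checked before they are used.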
diff --git a/pages/poll.php b/pages/poll.php index d9cce70..6582d90 100755 --- a/pages/poll.php +++ b/pages/poll.php | |||
@@ -24,22 +24,7 @@ require('headerproc.php'); | |||
24 | 24 | ||
25 | $pageCategory = 'poll'; | 25 | $pageCategory = 'poll'; |
26 | 26 | ||
27 | if (isset($_GET['submit'])) | 27 | if (!isset($_GET['id'])) |
28 | { | ||
29 | $setip = "INSERT INTO didpollalready SET ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
30 | $setip2 = mysql_query($setip); | ||
31 | $getpoll = "SELECT * FROM polloftheweek ORDER BY id DESC LIMIT 0,1"; | ||
32 | $getpoll2 = mysql_query($getpoll); | ||
33 | $getpoll3 = mysql_fetch_array($getpoll2); | ||
34 | $setpoll = "UPDATE polloftheweek SET clicks" . $_POST['options'] . " = " . ($getpoll3['clicks' . $_POST['options']]+1) . " WHERE id = " . $getpoll3['id']; | ||
35 | $setpoll2 = mysql_query($setpoll); | ||
36 | |||
37 | $template = new FITemplate('msg'); | ||
38 | |||
39 | $template->add('MSG','<H2>' . $getpoll3['question'] . '</H2><P>Thank you for voting on the Poll of the Week!<BR><A HREF="poll.php?id=' . $getpoll3['id'] . '">Click here to visit the page for this poll.'); | ||
40 | |||
41 | $template->display(); | ||
42 | } else if (!isset($_GET['id'])) | ||
43 | { | 28 | { |
44 | $template = new FITemplate('pollIndex'); | 29 | $template = new FITemplate('pollIndex'); |
45 | 30 | ||
@@ -70,7 +55,7 @@ if (isset($_GET['submit'])) | |||
70 | $template->adds_block('POLL', array( 'ID' => $getpolls3[$i]['id'], | 55 | $template->adds_block('POLL', array( 'ID' => $getpolls3[$i]['id'], |
71 | 'QUESTION' => $question, | 56 | 'QUESTION' => $question, |
72 | 'WEEK' => date('F jS Y', strtotime($getpolls3[$i]['week'])), | 57 | 'WEEK' => date('F jS Y', strtotime($getpolls3[$i]['week'])), |
73 | 'EVEN' => (($i % 2 == 1) ? ' CLASS="even"' : ''))); | 58 | 'EVEN' => (($i % 2 == 1) ? ' class="even"' : ''))); |
74 | $i++; | 59 | $i++; |
75 | } | 60 | } |
76 | 61 | ||
@@ -94,8 +79,7 @@ if (isset($_GET['submit'])) | |||
94 | $template->adds_block('NEXT', array('ID' => ($start+1))); | 79 | $template->adds_block('NEXT', array('ID' => ($start+1))); |
95 | } | 80 | } |
96 | 81 | ||
97 | include('pages/polloftheweek.php'); | 82 | $template->add('POTW', getPollOfTheWeek()); |
98 | |||
99 | $template->display(); | 83 | $template->display(); |
100 | } else { | 84 | } else { |
101 | $template = new FITemplate('poll'); | 85 | $template = new FITemplate('poll'); |
@@ -114,7 +98,7 @@ if (isset($_GET['submit'])) | |||
114 | { | 98 | { |
115 | $template->adds_block('COMPLETE', array( 'RSS' => parseText($getrss3['rss']), | 99 | $template->adds_block('COMPLETE', array( 'RSS' => parseText($getrss3['rss']), |
116 | 'AUTHOR' => $getrss3['author'], | 100 | 'AUTHOR' => $getrss3['author'], |
117 | 'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getrss3['date'])), | 101 | 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getrss3['date'])), |
118 | 'OPTION1' => $getpoll3['option1'], | 102 | 'OPTION1' => $getpoll3['option1'], |
119 | 'OPTION2' => $getpoll3['option2'], | 103 | 'OPTION2' => $getpoll3['option2'], |
120 | 'OPTION3' => $getpoll3['option3'], | 104 | 'OPTION3' => $getpoll3['option3'], |
@@ -127,10 +111,7 @@ if (isset($_GET['submit'])) | |||
127 | $template->adds_block('INCOMPLETE', array('exi'=>1)); | 111 | $template->adds_block('INCOMPLETE', array('exi'=>1)); |
128 | } | 112 | } |
129 | 113 | ||
130 | $forceDisplay = $_GET['id']; | 114 | $template->add('POTW', getPollOfTheWeek($_GET['id'])); |
131 | include('pages/polloftheweek.php'); | ||
132 | unset($forceDisplay); | ||
133 | |||
134 | $template->display(); | 115 | $template->display(); |
135 | 116 | ||
136 | $page_id = 'polloftheweek-' . $getpoll3['id']; | 117 | $page_id = 'polloftheweek-' . $getpoll3['id']; |
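Review bot: `getPollOfTheWeek($_GET['id'])` on new line 114 hands the raw query parameter to a helper whose body is not part of this diff, and nothing in the visible lines checks that `id` is numeric. If the helper interpolates the value into a query, which the surrounding code style suggests but the hunk does not show, the call should pass `(int) $_GET['id']` or the branch should end in `generateError('404')` for non-numeric ids. A short comment above the call stating what the optional argument selects would also help, since it replaces the old `$forceDisplay` global.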
diff --git a/pages/post.php b/pages/post.php index 87413e8..121435a 100755 --- a/pages/post.php +++ b/pages/post.php | |||
@@ -22,74 +22,79 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} | |||
22 | 22 | ||
23 | require('headerproc.php'); | 23 | require('headerproc.php'); |
24 | 24 | ||
25 | $pageCategory = 'home'; | ||
26 | $pageAID = 'archive'; | ||
27 | |||
28 | include('includes/recaptchalib.php'); | 25 | include('includes/recaptchalib.php'); |
29 | $privatekey = "6LfgvgEAAAAAAD0_UVLp57MU7tqcypsbZPS9qTnr"; | 26 | $privatekey = "6LfgvgEAAAAAAD0_UVLp57MU7tqcypsbZPS9qTnr"; |
30 | 27 | ||
31 | $template = new FITemplate('msg'); | 28 | if (!isset($_POST['id'])) |
32 | $template->add('BACK','the previous page'); | ||
33 | |||
34 | if (!isset($_GET['id'])) | ||
35 | { | 29 | { |
36 | $template->add('MSG','I\'m sorry, but there\'s no page-id set here, so sadly you can\'t comment yet. Why not contact the administratior (link on the HatBar) and tell her that you saw this error?'); | 30 | generateError('404'); |
37 | } else { | 31 | } else { |
38 | if ($_POST['comment'] == "") | 32 | if ($_POST['comment'] == "") |
39 | { | 33 | { |
40 | $template->add('MSG','I\'m sorry, but you didn\'t enter a comment!'); | 34 | die('I\'m sorry, but you didn\'t enter a comment!'); |
41 | } else { | 35 | } else { |
42 | if (!isLoggedIn()) | 36 | if (!isLoggedIn()) |
43 | { | 37 | { |
44 | $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); | 38 | if ($_POST['username'] == "") |
45 | if (!$resp->is_valid) | ||
46 | { | 39 | { |
47 | $template->add('MSG',"The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")"); | 40 | die('You forgot to enter a username.'); |
48 | } else { | 41 | } else { |
49 | if (preg_match('/^[A-Za-z0-9!#$&\'*+-\/=?^_`{|}~]+@[-A-Za-z0-9]+(\.[-A-Za-z0-9]+)+[A-Za-z]$/', $_POST['email'])) | 42 | if (preg_match('/^[A-Za-z0-9!#$&\'*+-\/=?^_`{|}~]+@[-A-Za-z0-9]+(\.[-A-Za-z0-9]+)+[A-Za-z]$/', $_POST['email'])) |
50 | { | 43 | { |
51 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $_POST['username'] . "\""; | 44 | $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); |
52 | $getanon2 = mysql_query($getanon); | 45 | if (!$resp->is_valid) |
53 | $getanon3 = mysql_fetch_array($getanon2); | ||
54 | |||
55 | if ($getanon3['username'] == $_POST['username']) | ||
56 | { | 46 | { |
57 | if ($getanon3['email'] == $_POST['email']) | 47 | die('The reCAPTCHA wasn\'t entered correctly. Go back and try it again.'); |
58 | { | 48 | } else { |
59 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . $getanon3['id'] . ", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; | 49 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $_POST['username'] . "\""; |
60 | $setcomment2 = mysql_query($setcomment); | 50 | $getanon2 = mysql_query($getanon); |
51 | $getanon3 = mysql_fetch_array($getanon2); | ||
61 | 52 | ||
62 | $page_id = $_GET['id']; | 53 | if ($getanon3['username'] == $_POST['username']) |
63 | $comType = substr($page_id,0,strpos($page_id,'-')); | 54 | { |
64 | $comID = substr($page_id,strpos($page_id,'-')+1); | 55 | if ($getanon3['email'] == $_POST['email']) |
65 | if ($comType == 'updates') | ||
66 | { | 56 | { |
67 | recalcPop($comID); | 57 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_POST['id'] . "\", user_id = " . $getanon3['id'] . ", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; |
58 | $setcomment2 = mysql_query($setcomment); | ||
59 | $cid = mysql_insert_id(); | ||
60 | |||
61 | $page_id = $_POST['id']; | ||
62 | $comType = substr($page_id,0,strpos($page_id,'-')); | ||
63 | $comID = substr($page_id,strpos($page_id,'-')+1); | ||
64 | if ($comType == 'updates') | ||
65 | { | ||
66 | recalcPop($comID); | ||
67 | } | ||
68 | |||
69 | $template = new FITemplate('new-comment'); | ||
70 | $template->add('ID', $cid); | ||
71 | $template->add('CODEDEMAIL', md5(strtolower($getanon3['email']))); | ||
72 | $template->add('TEXT', stripslashes($_POST['comment'])); | ||
73 | $template->add('USERNAME', $getanon3['username']); | ||
74 | $template->add('DATE', date("F jS Y \a\\t g:i:s a")); | ||
75 | $template->display(); | ||
76 | |||
77 | exit; | ||
78 | } else { | ||
79 | die('I\'m sorry, but this anonymous username is already in use. If this is in fact you, please verify that you have entered the same email address that you entered the first time you commented here.'); | ||
68 | } | 80 | } |
69 | |||
70 | $template->add('MSG',"Thank you, " . $getanon3['username'] . ", for posting your valuable comment!"); | ||
71 | } else { | 81 | } else { |
72 | $template->add('MSG',"I'm sorry, but this anonymous username is already in use. If this is in fact you, please verify that you have entered the same email address that you entered the first time you commented here."); | 82 | $setcomment = "INSERT INTO moderation SET page_id = \"" . $_POST['id'] . "\", author = \"" . $_POST['username'] . "\", email = \"" . $_POST['email'] . "\", comment = \"" . $_POST['comment'] . "\", website = \"" . $_POST['website'] . "\""; |
73 | } | 83 | $setcomment2 = mysql_query($setcomment); |
74 | } else { | ||
75 | $setcomment = "INSERT INTO moderation SET page_id = \"" . $_GET['id'] . "\", author = \"" . $_POST['username'] . "\", email = \"" . $_POST['email'] . "\", comment = \"" . $_POST['comment'] . "\", website = \"" . $_POST['website'] . "\""; | ||
76 | $setcomment2 = mysql_query($setcomment); | ||
77 | |||
78 | mail('hatkirby@fourisland.com', 'New comment to moderate on Four Island', 'Some one has anonymously left a comment on Four Island and it will require moderation.'); | ||
79 | 84 | ||
80 | $template->add('MSG',"Thank you for posting your valuable comment!<P>However, as you aren't logged in, your comment will have to be verified by a moderator before it appears. Sorry!"); | 85 | die('Thank you for posting your valuable comment!<br />However, as you aren\'t logged in, your comment will have to be verified by a moderator before it appears. Sorry!'); |
86 | } | ||
81 | } | 87 | } |
82 | } else { | 88 | } else { |
83 | $template->add('MSG',"I'm sorry, but you've entered an invalid email address."); | 89 | die('I\'m sorry, but you\'ve entered an invalid email address.'); |
84 | } | 90 | } |
85 | } | 91 | } |
86 | } else { | 92 | } else { |
87 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . getSessionUserID() . ", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; | 93 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_POST['id'] . "\", user_id = " . getSessionUserID() . ", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; |
88 | $setcomment2 = mysql_query($setcomment); | 94 | $setcomment2 = mysql_query($setcomment); |
95 | $cid = mysql_insert_id(); | ||
89 | 96 | ||
90 | mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); | 97 | $page_id = $_POST['id']; |
91 | |||
92 | $page_id = $_GET['id']; | ||
93 | $comType = substr($page_id,0,strpos($page_id,'-')); | 98 | $comType = substr($page_id,0,strpos($page_id,'-')); |
94 | $comID = substr($page_id,strpos($page_id,'-')+1); | 99 | $comID = substr($page_id,strpos($page_id,'-')+1); |
95 | if ($comType == 'updates') | 100 | if ($comType == 'updates') |
@@ -97,11 +102,21 @@ if (!isset($_GET['id'])) | |||
97 | recalcPop($comID); | 102 | recalcPop($comID); |
98 | } | 103 | } |
99 | 104 | ||
100 | $template->add('MSG',"Thank you, " . getSessionUsername() . ", for posting your valuable comment!"); | 105 | $getuser = "SELECT * FROM phpbb_users WHERE user_id = " . getSessionUserID(); |
106 | $getuser2 = mysql_query($getuser); | ||
107 | $getuser3 = mysql_fetch_array($getuser2); | ||
108 | |||
109 | $template = new FITemplate('new-comment'); | ||
110 | $template->add('ID', $cid); | ||
111 | $template->add('CODEDEMAIL', md5(strtolower($getuser3['user_email']))); | ||
112 | $template->add('TEXT', stripslashes($_POST['comment'])); | ||
113 | $template->add('USERNAME', getSessionUsername()); | ||
114 | $template->add('DATE', date("F jS Y \a\\t g:i:s a")); | ||
115 | $template->display(); | ||
116 | |||
117 | exit; | ||
101 | } | 118 | } |
102 | } | 119 | } |
103 | } | 120 | } |
104 | 121 | ||
105 | $template->display(); | ||
106 | |||
107 | ?> | 122 | ?> |
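Review bot: Every query in the new code concatenates request fields directly — `$_POST['username']` into the anon_commenters SELECT (new line 49) and `$_POST['id']`, `$_POST['comment']`, `$_POST['email']` and `$_POST['website']` into the INSERTs on new lines 57, 82 and 93 — without the mysql_real_escape_string() call that pages/admin.php and pages/quotes.php use in this same commit. The new-comment template also receives `stripslashes($_POST['comment'])` as `TEXT` (new lines 72 and 112) with no HTML escaping, whereas admin.php renders stored comments through parseText(); unless the template escapes, the submitter's markup is returned as-is. The stripslashes() call suggests the code may rely on magic_quotes_gpc, in which case slashes should be removed once before escaping rather than escaping twice. Separately, the reCAPTCHA private key is a literal in this file (new line 26) and would be better loaded from configuration kept outside the repository and rotated. The moderation branch also no longer sends the mail() notification that the old code did, so queued comments may go unnoticed.

```php
// … unchanged: id / comment / username / e-mail / reCAPTCHA checks …
$pageId  = mysql_real_escape_string($_POST['id']);
$comment = mysql_real_escape_string($_POST['comment']);
$author  = mysql_real_escape_string($_POST['username']);
$email   = mysql_real_escape_string($_POST['email']);
$website = mysql_real_escape_string($_POST['website']);

$getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $author . "\"";
// … unchanged: fetch $getanon3, username and e-mail comparison …
$setcomment = "INSERT INTO comments SET page_id = \"" . $pageId . "\", user_id = " . (int) $getanon3['id'] . ", comment = \"" . $comment . "\", is_anon = 1";
// … unchanged: mysql_insert_id(), recalcPop(), other template fields …
$template->add('TEXT', htmlspecialchars(stripslashes($_POST['comment'])));
// … unchanged: username-in-use message …
$setcomment = "INSERT INTO moderation SET page_id = \"" . $pageId . "\", author = \"" . $author . "\", email = \"" . $email . "\", comment = \"" . $comment . "\", website = \"" . $website . "\"";
// … unchanged: logged-in branch, which needs the same $pageId / $comment substitution …
```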
diff --git a/pages/quotes.php b/pages/quotes.php index 6db3cb0..4e0332f 100755 --- a/pages/quotes.php +++ b/pages/quotes.php | |||
@@ -24,70 +24,92 @@ require('headerproc.php'); | |||
24 | 24 | ||
25 | $pageCategory = 'quotes'; | 25 | $pageCategory = 'quotes'; |
26 | 26 | ||
27 | if (isset($_GET['id'])) | 27 | $hatNav = array( array( 'title' => 'Latest', |
28 | 'url' => 'http://fourisland.com/quotes/latest.php', | ||
29 | 'icon' => '16-star-hot' | ||
30 | ), | ||
31 | array( 'title' => 'Best', | ||
32 | 'url' => 'http://fourisland.com/quotes/top.php', | ||
33 | 'icon' => 'medal_gold_1' | ||
34 | ), | ||
35 | array( 'title' => 'Worst', | ||
36 | 'url' => 'http://fourisland.com/quotes/bottom.php', | ||
37 | 'icon' => '16-message-warn' | ||
38 | ), | ||
39 | array( 'title' => 'Browse All', | ||
40 | 'url' => 'http://fourisland.com/quotes/browse.php', | ||
41 | 'icon' => '16-file-archive' | ||
42 | ), | ||
43 | array( 'title' => 'Random', | ||
44 | 'url' => 'http://fourisland.com/quotes/random.php', | ||
45 | 'icon' => '16-clock' | ||
46 | ), | ||
47 | array( 'title' => 'Add', | ||
48 | 'url' => 'http://fourisland.com/quotes/add.php', | ||
49 | 'icon' => '16-em-pencil' | ||
50 | ), | ||
51 | array( 'title' => 'Search', | ||
52 | 'url' => 'http://fourisland.com/quotes/search.php', | ||
53 | 'icon' => 'book_open' | ||
54 | )); | ||
55 | |||
56 | if (isset($_GET['id']) && is_numeric($_GET['id'])) | ||
28 | { | 57 | { |
29 | $quote_num = $_GET['id']; | 58 | $quote_num = $_GET['id']; |
30 | } | 59 | } |
31 | 60 | ||
32 | if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) | 61 | if (isset($_GET['id']) && !(is_numeric($_GET['id']))) |
62 | { | ||
63 | generateError('404'); | ||
64 | } else if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) | ||
33 | { | 65 | { |
34 | $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY id DESC LIMIT 50"; | 66 | $query = "SELECT * FROM rash_quotes ORDER BY id DESC LIMIT 50"; |
35 | quote_generation($query, "Latest", -1); | 67 | quote_generation($query, "Latest", -1); |
36 | } else if ($_GET['act'] == 'add') | 68 | } else if ($_GET['act'] == 'add') |
37 | { | 69 | { |
38 | $template = new FITemplate('quotes/add'); | 70 | $template = new FITemplate('quotes/add'); |
39 | if (isset($_GET['submit'])) | 71 | if (isset($_GET['submit'])) |
40 | { | 72 | { |
41 | $template->adds_block('SUBMITTED',array('QUOTE' => (nl2br(htmlspecialchars($_POST['rash_quote'])) . "\n"))); | 73 | $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities($_POST['rash_quote'])))); |
42 | if (!isLoggedIn()) | 74 | if (!isLoggedIn()) |
43 | { | 75 | { |
44 | $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; | 76 | $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; |
45 | } else { | 77 | } else { |
46 | $today = mktime(date('G'),date('i'),date('s'),date('m'),date('d'),date('Y')); | 78 | $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . time() . "\")"; |
47 | $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . $today . "\")"; | ||
48 | } | 79 | } |
49 | $insquote2 = mysql_query($insquote); | 80 | $insquote2 = mysql_query($insquote); |
50 | } | 81 | } |
51 | $template->display(); | 82 | $template->display(); |
52 | } elseif ($_GET['act'] == 'bottom') | 83 | } elseif ($_GET['act'] == 'bottom') |
53 | { | 84 | { |
54 | $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating < 0 ORDER BY rating ASC LIMIT 50"; | 85 | $query = "SELECT * FROM rash_quotes WHERE rating < 0 ORDER BY rating ASC LIMIT 50"; |
55 | quote_generation($query, "Bottom", -1); | 86 | quote_generation($query, "Bottom", -1); |
56 | } elseif ($_GET['act'] == 'browse') | 87 | } elseif ($_GET['act'] == 'browse') |
57 | { | 88 | { |
58 | $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY id ASC "; | 89 | $query = "SELECT * FROM rash_quotes ORDER BY id ASC "; |
59 | quote_generation($query, "Browse", (isset($_GET['page']) ? $_GET['page'] : 1), 10, 5); | 90 | quote_generation($query, "Browse", (isset($_GET['page']) ? $_GET['page'] : 1), 10, 5); |
60 | } elseif ($_GET['act'] == 'flag') | 91 | } elseif ($_GET['act'] == 'flag') |
61 | { | 92 | { |
62 | $template = new FITemplate('msg'); | 93 | $getfla = "SELECT * FROM rash_quotes WHERE id = " . $quote_num . " LIMIT 0,1"; |
63 | $tracking_verdict = user_quote_status('flag', $quote_num, $template); | 94 | $getfla2 = mysql_query($getfla); |
64 | if ($tracking_verdict < 3) | 95 | $getfla3 = mysql_fetch_array($getfla2); |
96 | |||
97 | if ($getfla3['flag'] == 2) | ||
65 | { | 98 | { |
66 | $getfla = "SELECT flag FROM rash_quotes WHERE id = " . $quote_num . " LIMIT 0,1"; | 99 | die('0'); |
67 | $getfla2 = mysql_query($getfla); | 100 | } else { |
68 | $getfla3 = mysql_fetch_array($getfla2); | 101 | $setfla = "UPDATE rash_quotes SET flag = 1 WHERE id = " . $quote_num; |
102 | $setfla2 = mysql_query($setfla); | ||
69 | 103 | ||
70 | if ($getfla3['flag'] == 2) | 104 | die('1'); |
71 | { | ||
72 | $template->add('MSG',"This quote has been flagged and rechecked by a moderator already."); | ||
73 | } elseif ($getfla3['flag'] == 1) | ||
74 | { | ||
75 | $template->add('MSG',"This quote is currently pending deletion."); | ||
76 | } else { | ||
77 | $template->add('MSG',"You have marked this quote for deletion."); | ||
78 | $setfla = "UPDATE rash_quotes SET flag = 1 WHERE id = " . $quote_num; | ||
79 | $setfla2 = mysql_query($setfla); | ||
80 | } | ||
81 | } | 105 | } |
82 | $template->add('BACK','Quote #' . $quote_num); | ||
83 | $template->display(); | ||
84 | } elseif ($_GET['act'] == 'random') | 106 | } elseif ($_GET['act'] == 'random') |
85 | { | 107 | { |
86 | $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY rand() LIMIT 50"; | 108 | $query = "SELECT * FROM rash_quotes ORDER BY rand() LIMIT 50"; |
87 | quote_generation($query, "Random", -1); | 109 | quote_generation($query, "Random", -1); |
88 | } elseif ($_GET['act'] == 'random2') | 110 | } elseif ($_GET['act'] == 'random2') |
89 | { | 111 | { |
90 | $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 1 ORDER BY rand() LIMIT 50"; | 112 | $query = "SELECT * FROM rash_quotes WHERE rating > 1 ORDER BY rand() LIMIT 50"; |
91 | quote_generation($query, "Random2", -1); | 113 | quote_generation($query, "Random2", -1); |
92 | } elseif ($_GET['act'] == 'search') | 114 | } elseif ($_GET['act'] == 'search') |
93 | { | 115 | { |
@@ -99,22 +121,24 @@ if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) | |||
99 | } else { | 121 | } else { |
100 | $how = 'asc'; | 122 | $how = 'asc'; |
101 | } | 123 | } |
102 | $getquotes = "SELECT id, quote, rating, flag FROM rash_quotes WHERE quote LIKE \"%" . $_POST['search'] . "%\" ORDER BY " . $_POST['sortby'] . " " . $how . " LIMIT 0," . $_POST['number']; | 124 | $getquotes = "SELECT * FROM rash_quotes WHERE quote LIKE \"%" . $_POST['search'] . "%\" ORDER BY " . $_POST['sortby'] . " " . $how . " LIMIT 0," . $_POST['number']; |
103 | quote_generation($getquotes, "Query Results", -1); | 125 | quote_generation($getquotes, "Query Results", -1); |
104 | } | 126 | } |
105 | $template = new FITemplate('quotes/search'); | 127 | $template = new FITemplate('quotes/search'); |
106 | $template->display(); | 128 | $template->display(); |
107 | } elseif ($_GET['act'] == 'top') | 129 | } elseif ($_GET['act'] == 'top') |
108 | { | 130 | { |
109 | $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 0 ORDER BY rating DESC LIMIT 50"; | 131 | $query = "SELECT * FROM rash_quotes WHERE rating > 0 ORDER BY rating DESC LIMIT 50"; |
110 | quote_generation($query, "Top", -1); | 132 | quote_generation($query, "Top", -1); |
111 | } elseif ($_GET['act'] == 'vote') | 133 | } elseif ($_GET['act'] == 'vote') |
112 | { | 134 | { |
113 | $template = new FITemplate('msg'); | 135 | $gettrack = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; |
114 | $tracking_verdict = user_quote_status('vote', $quote_num,$template); | 136 | $gettrack2 = mysql_query($gettrack); |
115 | $template->add('BACK','Quote #' . $quote_num); | 137 | $gettrack3 = mysql_fetch_array($gettrack2); |
116 | $template->display(); | 138 | |
117 | if ($tracking_verdict < 3) | 139 | $trackArr = explode(',',$gettrack3['vote']); |
140 | |||
141 | if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($quote_num,$trackArr) === FALSE)) | ||
118 | { | 142 | { |
119 | if ($_GET['dir'] == "plus") | 143 | if ($_GET['dir'] == "plus") |
120 | { | 144 | { |
@@ -125,18 +149,32 @@ if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) | |||
125 | $setquote = "UPDATE rash_quotes SET rating = rating-1 WHERE id = " . $quote_num; | 149 | $setquote = "UPDATE rash_quotes SET rating = rating-1 WHERE id = " . $quote_num; |
126 | $setquote2 = mysql_query($setquote); | 150 | $setquote2 = mysql_query($setquote); |
127 | } | 151 | } |
128 | } | ||
129 | } else { | ||
130 | if ((is_int($_GET['act']) || ($_GET['act'] != false)) && (verify_int($_GET['act']))) | ||
131 | { | ||
132 | $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE id = " . $_GET['act']; | ||
133 | quote_generation($query, "#" . $_GET['act'], -1); | ||
134 | 152 | ||
135 | $page_id = 'quote-' . $_GET['act']; | 153 | if ($gettrack3['ip'] == $_SERVER['REMOTE_ADDR']) |
136 | include('includes/comments.php'); | 154 | { |
155 | $settrack = "UPDATE rash_tracking SET vote = \"" . $gettrack3['vote'] . "," . $quote_num . "\" WHERE id = " . $gettrack3['id']; | ||
156 | } else { | ||
157 | $settrack = "INSERT INTO tracking (ip,vote) VALUES (\"" . $_SERVER['REMOTE_ADDR'] . "\",\"" . $quote_num . "\")"; | ||
158 | } | ||
159 | $settrack2 = mysql_query($settrack) or die($settrack); | ||
160 | |||
161 | $getquote = "SELECT * FROM rash_quotes WHERE id = " . $quote_num; | ||
162 | $getquote2 = mysql_query($getquote); | ||
163 | $getquote3 = mysql_fetch_array($getquote2); | ||
164 | |||
165 | die($getquote3['rating']); | ||
137 | } else { | 166 | } else { |
138 | generateError('404'); | 167 | die; |
139 | } | 168 | } |
169 | } else if (is_numeric($_GET['act'])) | ||
170 | { | ||
171 | $query = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act']; | ||
172 | quote_generation($query, "#" . $_GET['act'], -1); | ||
173 | |||
174 | $page_id = 'quote-' . $_GET['act']; | ||
175 | include('includes/comments.php'); | ||
176 | } else { | ||
177 | generateError('404'); | ||
140 | } | 178 | } |
141 | 179 | ||
142 | function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_limit = 10) | 180 | function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_limit = 10) |
@@ -152,13 +190,56 @@ function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_l | |||
152 | } | 190 | } |
153 | $template->add('ORIGIN',$origin); | 191 | $template->add('ORIGIN',$origin); |
154 | 192 | ||
193 | $gettrack = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
194 | $gettrack2 = mysql_query($gettrack); | ||
195 | $gettrack3 = mysql_fetch_array($gettrack2); | ||
196 | |||
197 | $trackArr = explode(',',$gettrack3['vote']); | ||
198 | |||
155 | $getquotes2 = mysql_query($query); | 199 | $getquotes2 = mysql_query($query); |
156 | $i=0; | 200 | $i=0; |
157 | while ($getquotes3[$i] = mysql_fetch_array($getquotes2)) | 201 | while ($getquotes3[$i] = mysql_fetch_array($getquotes2)) |
158 | { | 202 | { |
159 | $template->adds_block('QUOTES',array( 'NUMBER' => $getquotes3[$i]['id'], | 203 | if (!isset($curID)) |
160 | 'RATING' => $getquotes3[$i]['rating'], | 204 | { |
161 | 'QUOTE' => parseSmilies(str_replace("\n","<BR>",stripslashes($getquotes3[$i]['quote']))))); | 205 | $curID = 0; |
206 | } else { | ||
207 | $curID++; | ||
208 | } | ||
209 | |||
210 | $cntcomments = "SELECT COUNT(*) FROM comments WHERE page_id = \"quote-" . $getquotes3[$i]['id'] . "\""; | ||
211 | $cntcomments2 = mysql_query($cntcomments); | ||
212 | $cntcomments3 = mysql_fetch_array($cntcomments2); | ||
213 | |||
214 | if ($cntcomments3['COUNT(*)'] == 0) | ||
215 | { | ||
216 | $comments = ''; | ||
217 | } else if ($cntcomments3['COUNT(*)'] == 1) | ||
218 | { | ||
219 | $comments = '1 Comment'; | ||
220 | } else { | ||
221 | $comments = $cntcomments3['COUNT(*)'] . ' Comments'; | ||
222 | } | ||
223 | |||
224 | $template->add_ref($curID,'QUOTES',array( 'NUMBER' => $getquotes3[$i]['id'], | ||
225 | 'RATING' => $getquotes3[$i]['rating'], | ||
226 | 'DATE' => ($getquotes3[$i]['date'] != 0 ? date('F jS Y \a\\t g:i:s a', $getquotes3[$i]['date']) : ''), | ||
227 | 'QUOTE' => str_replace("\n","<br />",htmlentities(stripslashes($getquotes3[$i]['quote']))), | ||
228 | 'COMMENTS' => $comments)); | ||
229 | |||
230 | if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($getquotes3[$i]['id'],$trackArr) === FALSE)) | ||
231 | { | ||
232 | $template->adds_ref_sub($curID, 'CANVOTE', array('exi'=>1)); | ||
233 | } else { | ||
234 | $template->adds_ref_sub($curID, 'NOVOTE', array('exi'=>1)); | ||
235 | } | ||
236 | |||
237 | if ($getquotes3[$i]['flag'] == 0) | ||
238 | { | ||
239 | $template->adds_ref_sub($curID, 'CANFLAG', array('exi'=>1)); | ||
240 | } else { | ||
241 | $template->adds_ref_sub($curID, 'NOFLAG', array('exi'=>1)); | ||
242 | } | ||
162 | 243 | ||
163 | $i++; | 244 | $i++; |
164 | } | 245 | } |
@@ -170,7 +251,7 @@ function page_numbers($template, $origin, $quote_limit, $page_default, $page_lim | |||
170 | { | 251 | { |
171 | $numrows = countRows('rash_quotes'); | 252 | $numrows = countRows('rash_quotes'); |
172 | $testrows = $numrows; | 253 | $testrows = $numrows; |
173 | $pagenum = (($testrows + 1) / ($quote_limit > 0 ? $quote_limit : 1)); | 254 | $pagenum = floor(($testrows + 1) / ($quote_limit > 0 ? $quote_limit : 1)); |
174 | 255 | ||
175 | if (($page_limit % 2)) | 256 | if (($page_limit % 2)) |
176 | { | 257 | { |
@@ -227,86 +308,4 @@ function page_numbers($template, $origin, $quote_limit, $page_default, $page_lim | |||
227 | $template->add('LASTPAGE',$pagenum); | 308 | $template->add('LASTPAGE',$pagenum); |
228 | } | 309 | } |
229 | 310 | ||
230 | function user_quote_status($where, $quote_num, $template) | ||
231 | { | ||
232 | $tracking_verdict = ip_track($where, $quote_num); | ||
233 | if ($where != 'flag') | ||
234 | { | ||
235 | switch ($tracking_verdict) | ||
236 | { | ||
237 | case 1: | ||
238 | $template->add('TRACKING',"Quote has been modified, and data of your action has been recorded in the database."); | ||
239 | break; | ||
240 | case 2: | ||
241 | $template->add('TRACKING',"Quote has been modified, your IP has been logged, and data of your action has been recorded in the database."); | ||
242 | break; | ||
243 | case 3: | ||
244 | $template->add('TRACKING',"You have already voted on this quote, please try again later."); | ||
245 | break; | ||
246 | } | ||
247 | } | ||
248 | return $tracking_verdict; | ||
249 | } | ||
250 | |||
251 | function ip_track($where, $quote_num) | ||
252 | { | ||
253 | switch ($where) | ||
254 | { | ||
255 | case 'flag': | ||
256 | $where2 = 'vote'; | ||
257 | break; | ||
258 | case 'vote': | ||
259 | $where2 = 'flag'; | ||
260 | break; | ||
261 | } | ||
262 | |||
263 | $getip = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
264 | $getip2 = mysql_query($getip); | ||
265 | $getip3 = mysql_fetch_array($getip2); | ||
266 | |||
267 | if ($getip3['ip'] == $_SERVER['REMOTE_ADDR']) | ||
268 | { | ||
269 | $quote_array = explode(",", $getip3['quote_id']); | ||
270 | $quote_place = array_search($quote_num, $quote_array); | ||
271 | if (in_array($quote_num, $quote_array)) | ||
272 | { | ||
273 | $where_result = explode(",", $getip3[$where]); | ||
274 | if (!isset($where_result[$quote_place])) | ||
275 | { | ||
276 | $where_result[$quote_place] = 1; | ||
277 | $where_result = implode(",", $where_result); | ||
278 | $setip = "UPDATE rash_tracking SET " . $where . " = \"" . $where_result . "\" WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
279 | $setip2 = mysql_query($getip); | ||
280 | return 1; | ||
281 | } else { | ||
282 | return 3; | ||
283 | } | ||
284 | } else { | ||
285 | $setip = "UPDATE rash_tracking SET " . $where . " = CONCAT(" . $where . ",\",1\"), " . $where2 . " = CONCAT(" . $where2 . ",\",0\"), quote_id = CONCAT(quote_id,\"," . $quote_num . "\") WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
286 | $setip2 = mysql_query($setip); | ||
287 | return 1; | ||
288 | } | ||
289 | } else { | ||
290 | $insip = "INSERT INTO rash_tracking (ip, quote_id, " . $where . ", " . $where2 . ") VALUES (\"" . $_SERVER['REMOTE_ADDR'] . "\", \"" . $quote_num . "\", 1, 0)"; | ||
291 | $insip2 = mysql_query($insip); | ||
292 | return 2; | ||
293 | } | ||
294 | } | ||
295 | |||
296 | function verify_int($subject) | ||
297 | { | ||
298 | $ymax = strlen($subject); | ||
299 | $y = 0; | ||
300 | while($y < $ymax) | ||
301 | { | ||
302 | if ((is_int((int)($subject{$y})) && (int)($subject{$y})) || (int)($subject{$y}) === 0 ) | ||
303 | { | ||
304 | $y++; | ||
305 | } else { | ||
306 | return false; | ||
307 | } | ||
308 | } | ||
309 | return true; | ||
310 | } | ||
311 | |||
312 | ?> | 311 | ?> |
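--- a/pages/vote.php
+++ b/pages/vote.php
@@ -22,46 +22,34 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
 
 require('headerproc.php');
 
-$pageCategory = 'home';
-$pageAID = 'archive';
-
 $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id'];
 $getpost2 = mysql_query($getpost);
 $getpost3 = mysql_fetch_array($getpost2);
 
 if ($getpost3['id'] == $_GET['id'])
 {
-$template = new FITemplate('msg2');
-$template->add('BACK','Back to ' . stripslashes($getpost3['title']));
-$template->add('LINK','/blog/' . $getpost3['slug'] . '/');
-
 if ($_GET['dir'] == 'plus')
 {
-if (updatePop($_GET['id'],'rating'))
-{
-$template->add('MSG','Thank you for voting!');
-} else {
-$template->add('MSG','I\'m sorry, but you\'ve already voted on this post.');
-}
+$add = 1;
 } else if ($_GET['dir'] == 'minus')
 {
-if (updatePop($_GET['id'],'rating',-1))
-{
-$template->add('MSG','Thank you for voting!');
-} else {
-$template->add('MSG','I\'m sorry, but you\'ve already voted on this post.');
-}
+$add = -1;
+} else {
+die;
+}
+
+if (updatePop($_GET['id'],'rating',$add))
+{
+$getpost = "SELECT * FROM updates WHERE id = " . $_GET['id'];
+$getpost2 = mysql_query($getpost);
+$getpost3 = mysql_fetch_array($getpost2);
+
+die($getpost3['rating']);
 } else {
-$template = new FITemplate('msg');
-$template->add('BACK','the previous page');
-$template->add('MSG','Um, what on earth are you doing?');
+die;
 }
 } else {
-$template = new FITemplate('msg');
-$template->add('BACK','the previous page');
-$template->add('MSG','Um, what on earth are you doing?');
+generateError('404');
 }
 
-$template->display();
-
 ?>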
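Review bot: The added re-read of the rating (`$getpost = "SELECT * FROM updates WHERE id = " . $_GET['id'];` inside the `updatePop` branch) concatenates the raw request parameter into SQL a second time, and the `$getpost3['id'] == $_GET['id']` guard only runs after the first query has already executed. Normalise the id once before any query, e.g. `$id = (int) $_GET['id'];`, and use `$id` in both SELECTs and in `updatePop($id,'rating',$add)`; a parameterised query would be better still if the database layer allows it. The same string-built pattern is visible in pages/quotes.php in this commit (the search query assembled from `$_POST['search']`, `$_POST['sortby']` and `$_POST['number']`). Separately, this endpoint now changes state on a plain GET and answers with only the rating, so it is worth confirming that `updatePop` (not shown here) enforces the one-vote rule server-side.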
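--- a/pages/welcome.php
+++ b/pages/welcome.php
@@ -22,13 +22,24 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
 
 require('headerproc.php');
 
-$pageCategory = 'home';
+$pageCategory = 'blog';
+
+$hatNav = array( array( 'title' => 'Archive',
+'url' => 'http://fourisland.com/blog/',
+'icon' => '16-file-archive'));
+
 
 $template = new FITemplate('post');
 $template->adds_block('EXTERNAL',array('exi'=>1));
 
 $curID = 0;
 
+$gettrack = "SELECT * FROM tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\"";
+$gettrack2 = mysql_query($gettrack);
+$gettrack3 = mysql_fetch_array($gettrack2);
+
+$trackArr = explode(',',$gettrack3['rating']);
+
 $getpost = "SELECT * FROM updates ORDER BY id DESC LIMIT 0,4";
 $getpost2 = mysql_query($getpost);
 while ($getpost3 = mysql_fetch_array($getpost2))
@@ -59,7 +70,7 @@ while ($getpost3 = mysql_fetch_array($getpost2))
 
 $template->add_ref($curID, 'POST', array( 'ID' => $getpost3['id'],
 'YEARID' => ((date('Y',strtotime($getpost3['pubDate']))-2006) % 4),
-'DATE' => date('F dS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])),
+'DATE' => date('F jS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])),
 'MONTH' => date('M',strtotime($getpost3['pubDate'])),
 'DAY' => date('d',strtotime($getpost3['pubDate'])),
 'CODED' => $getpost3['slug'],
@@ -76,6 +87,13 @@ while ($getpost3 = mysql_fetch_array($getpost2))
 $template->adds_ref_sub($curID, 'TAGS', array('TAG' => $tag));
 }
 
+if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($getpost3['id'],$trackArr) === FALSE))
+{
+$template->adds_ref_sub($curID, 'CANVOTE', array('exi'=>1));
+} else {
+$template->adds_ref_sub($curID, 'NOVOTE', array('exi'=>1));
+}
+
 $curID++;
 }
 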
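Review bot: The tracking lookup added before the post loop indexes `$gettrack3` without checking that a row came back: `mysql_fetch_array` returns false for an address with no tracking row, so `explode(',',$gettrack3['rating'])` runs on a non-array. A guard such as `$trackArr = $gettrack3 ? explode(',',$gettrack3['rating']) : array();` keeps the first-visit path clean. The CANVOTE/NOVOTE choice made in the loop (whose body starts outside these hunks) only decides which template block is emitted, and it is keyed on `REMOTE_ADDR`, which clients behind one NAT or proxy share; the vote handler has to enforce the limit itself, which cannot be confirmed from this file. This file also reads from `tracking`, while pages/quotes.php in the same commit selects from and updates `rash_tracking` but inserts into `tracking`, so the table names deserve a check.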