From 893957c41481a0cd5eb624096337762ffa54ff28 Mon Sep 17 00:00:00 2001 From: Starla Insigna Date: Sun, 9 Aug 2009 09:14:58 -0400 Subject: Created layout 7 The following changes were also made in this revision: * All HTML was changed to XHTML and a !DOCTYPE was included to reflect this * Rewrote quotes tracking system to be much less complicated and actually working * Changed quotes rendering to look more like Chirpy than Rash * Fixed comment textarea bug * Rewrote a ton of CSS so it's not as bloated * Added a JavaScript confirmation when deleting a comment * AJAXified voting on the POTW * AJAXified voting and flagging quotes * AJAXified commenting * AJAXified voting on posts * Added DateFinder back after it was accidentally deleted in Layout 4.5 The following database changes must be performed as soon as possible: * Fix title of NO post (the < is missing the semicolon) * Restore post Frasty Tha Snaman from a backup * Reset "flag" field of all rows in "rash_quotes" to 0 * Remove the "vote" and "flag" columns of "rash_tracking" * Rename the "quote_id" column of "rash_tracking" to "vote" The following external code changes must also be performed as soon as possible: * Add the following line to the end of the // Four Island block in The Fourm's functions.php: require('/svr/www/hatkirby/fourisland/main/includes/specialdates.php'); --- pages/admin.php | 13 ++- pages/blog.php | 23 ++++- pages/holidates.php | 35 ++++++- pages/poll-results.php | 54 ++++++++++ pages/poll.php | 29 +----- pages/post.php | 103 ++++++++++--------- pages/quotes.php | 261 ++++++++++++++++++++++++------------------------- pages/vote.php | 42 +++----- pages/welcome.php | 22 ++++- 9 files changed, 339 insertions(+), 243 deletions(-) create mode 100644 pages/poll-results.php (limited to 'pages') diff --git a/pages/admin.php b/pages/admin.php index 12a2d01..326cbdd 100755 --- a/pages/admin.php +++ b/pages/admin.php 
@@ -233,7 +233,7 @@ if (isLoggedIn()) $template->adds_block('INTERNAL',array('exi'=>1)); $template->add_ref(0, 'POST', array( 'ID' => $getdraft3['id'], 'YEARID' => ((date('Y')-2006) % 4), - 'DATE' => date('F dS Y \a\\t g:i:s a'), + 'DATE' => date('F jS Y \a\\t g:i:s a'), 'MONTH' => date('M'), 'DAY' => date('d'), 'CODED' => $getdraft3['slug'], @@ -335,7 +335,7 @@ if (isLoggedIn()) $template->adds_block('INTERNAL',array('exi'=>1)); $template->add_ref(0, 'POST', array( 'ID' => $getpending3['id'], 'YEARID' => ((date('Y')-2006) % 4), - 'DATE' => date('F dS Y \a\\t g:i:s a'), + 'DATE' => date('F jS Y \a\\t g:i:s a'), 'MONTH' => date('M'), 'DAY' => date('d'), 'CODED' => $getpending3['slug'], @@ -544,7 +544,7 @@ if (isLoggedIn()) $template->add('USERNAME', $getcomment3['author']); $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email']))); $template->add('TEXT', parseText($getcomment3['comment'])); - $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); + $template->add('DATE', date("F jS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); } else { $template = new FITemplate('msg'); $template->add('BACK', 'the previous page'); @@ -649,8 +649,7 @@ if (isLoggedIn()) { if (isset($_GET['approve'])) { - $today = mktime(date('G'),date('i'),date('s'),date('m'),date('d'),date('Y')); - $insquote = "INSERT INTO rash_quotes (quote,date) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\",\"" . $today . "\")"; + $insquote = "INSERT INTO rash_quotes (quote,date) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\",\"" . time() . "\")"; $insquote2 = mysql_query($insquote); $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id']; 
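Review bot: The `DELETE FROM rash_queue WHERE id = " . $_GET['id']` line at the end of the approve branch puts the request parameter into SQL unquoted and unescaped, unlike the `mysql_real_escape_string()` call on the INSERT just above it. Unless the id is validated earlier in this block (it starts outside the hunk), cast it once with `$queueId = (int) $_GET['id'];` and use `$queueId` in the query. Approval is also driven by a GET parameter, so any page a logged-in moderator visits could trigger it on their behalf; a POST carrying a per-session token would close that.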
@@ -721,9 +720,9 @@ if (isLoggedIn()) $getconfig3 = mysql_fetch_array($getconfig2); if ($getconfig3['value'] == '1') { - $template->add('ON', ' CHECKED="CHECKED"'); + $template->add('ON', ' checked="checked"'); } else { - $template->add('OFF', ' CHECKED="CHECKED"'); + $template->add('OFF', ' checked="checked"'); } } } else { diff --git a/pages/blog.php b/pages/blog.php index a03d3b1..c9781ee 100755 --- a/pages/blog.php +++ b/pages/blog.php @@ -27,7 +27,7 @@ if ((strpos($_SERVER['REQUEST_URI'],'index.php')) && (isset($_GET['post']))) header('Location: /blog/' . $_GET['post'] . '/'); } -$pageCategory = 'home'; +$pageCategory = 'blog'; $pageAID = 'archive'; if (isset($_GET['post'])) @@ -65,7 +65,7 @@ if (isset($_GET['post'])) $template->add_ref(0, 'POST', array( 'ID' => $getpost3['id'], 'YEARID' => ((date('Y',strtotime($getpost3['pubDate']))-2006) % 4), - 'DATE' => date('F dS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])), + 'DATE' => date('F jS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])), 'MONTH' => date('M',strtotime($getpost3['pubDate'])), 'DAY' => date('d',strtotime($getpost3['pubDate'])), 'CODED' => $getpost3['slug'], @@ -80,6 +80,19 @@ if (isset($_GET['post'])) $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); } + $gettrack = "SELECT * FROM tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; + $gettrack2 = mysql_query($gettrack); + $gettrack3 = mysql_fetch_array($gettrack2); + + $trackArr = explode(',',$gettrack3['rating']); + + if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($getpost3['id'],$trackArr) === FALSE)) + { + $template->adds_ref_sub(0, 'CANVOTE', array('exi'=>1)); + } else { + $template->adds_ref_sub(0, 'NOVOTE', array('exi'=>1)); + } + $template->display(); $getpings = "SELECT * FROM pingbacks WHERE post_id = " . $getpost3['id']; 
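Review bot: In the added tracking lookup of pages/blog.php, `$gettrack3` is `false` when the visitor's address has no row in `tracking`, yet the next line indexes it with `['rating']` before the `ip` comparison deals with that case. Test the fetch result first, e.g. `$trackArr = $gettrack3 ? explode(',', $gettrack3['rating']) : array();`. The same lookup is repeated in pages/welcome.php and, against `rash_tracking`, twice in pages/quotes.php, so a small helper returning the already-voted ids would keep the copies from drifting. This block only selects the CANVOTE or NOVOTE markup. The limit itself has to be enforced where the vote is written (`updatePop()`, not visible here), and visitors sharing one address behind a proxy or NAT count as a single voter.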
@@ -93,8 +106,8 @@ if (isset($_GET['post'])) } $template->adds_block('PINGBACK', array( 'TITLE' => $getpings3[$i]['title'], - 'URL' => $getpings3[$i]['url'], - 'DATE' => date('F d<\S\U\P>S Y', strtotime($getpings3[$i]['pubDate'])))); + 'URL' => htmlspecialchars($getpings3[$i]['url']), + 'DATE' => date('F jS Y', strtotime($getpings3[$i]['pubDate'])))); $i++; } @@ -124,7 +137,7 @@ if (isset($_GET['post'])) { $template->adds_block('BIO', array( 'TEXT' => $getbio3['text'], 'USERNAME' => $getbio3['username'], - 'DATE' => date('F dS Y \a\\t g:i:s a',strtotime($getbio3['lastUpdated'])))); + 'DATE' => date('F jS Y \a\\t g:i:s a',strtotime($getbio3['lastUpdated'])))); } } elseif (isset($_GET['tag'])) { diff --git a/pages/holidates.php b/pages/holidates.php index 29b0ca4..e5d8860 100755 --- a/pages/holidates.php +++ b/pages/holidates.php @@ -1,10 +1,39 @@ - $val) { $date = sd_clearDate(); $date += ($num*60*60*24); - echo(''); + $template->adds_block('DATE', array( 'EVEN' => (($num % 2 == 0) ? ' CLASS="even"' : ''), + 'NUM' => $num, + 'DATE' => date('F jS', $date), + 'TEXT' => $val)); } -?>
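Review bot: In the pingback block of pages/blog.php, `'TITLE' => $getpings3[$i]['title']` still reaches the template unescaped while the URL beside it now goes through `htmlspecialchars()`. Pingback titles presumably originate from remote sites, so unless they are encoded when stored (not visible here) they need the same treatment: `'TITLE' => htmlspecialchars($getpings3[$i]['title'], ENT_QUOTES),`. Encoding the URL only protects the attribute quoting; if the value is rendered in an `href`, also check that it begins with `http://` or `https://`. The loop around this block starts outside the hunk.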
IDDateHolidate
' . $num . '' . date('F jS',$date) . '' . $val . '
+$template->display(); + +?> diff --git a/pages/poll-results.php b/pages/poll-results.php new file mode 100644 index 0000000..e829e53 --- /dev/null +++ b/pages/poll-results.php @@ -0,0 +1,54 @@ += 1) && ($_GET['id'] <= 4)) +{ + if (isLoggedIn()) + { + $getip = "SELECT * FROM didpollalready WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; + $getip2 = mysql_query($getip); + $getip3 = mysql_fetch_array($getip2); + + if ($getip3['ip'] != $_SERVER['REMOTE_ADDR']) + { + $setip = "INSERT INTO didpollalready SET ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; + $setip2 = mysql_query($setip); + $getpoll = "SELECT * FROM polloftheweek ORDER BY id DESC LIMIT 0,1"; + $getpoll2 = mysql_query($getpoll); + $getpoll3 = mysql_fetch_array($getpoll2); + $setpoll = "UPDATE polloftheweek SET clicks" . $_GET['id'] . " = " . ($getpoll3['clicks' . $_GET['id']]+1) . " WHERE id = " . $getpoll3['id']; + $setpoll2 = mysql_query($setpoll); + + die(getPollOfTheWeek()); + } else { + generateError('404'); + } + } else { + generateError('404'); + } +} else { + generateError('404'); +} + +?> diff --git a/pages/poll.php b/pages/poll.php index d9cce70..6582d90 100755 --- a/pages/poll.php +++ b/pages/poll.php @@ -24,22 +24,7 @@ require('headerproc.php'); $pageCategory = 'poll'; -if (isset($_GET['submit'])) -{ - $setip = "INSERT INTO didpollalready SET ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; - $setip2 = mysql_query($setip); - $getpoll = "SELECT * FROM polloftheweek ORDER BY id DESC LIMIT 0,1"; - $getpoll2 = mysql_query($getpoll); - $getpoll3 = mysql_fetch_array($getpoll2); - $setpoll = "UPDATE polloftheweek SET clicks" . $_POST['options'] . " = " . ($getpoll3['clicks' . $_POST['options']]+1) . " WHERE id = " . $getpoll3['id']; - $setpoll2 = mysql_query($setpoll); - - $template = new FITemplate('msg'); - - $template->add('MSG','
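Review bot: In the new pages/poll-results.php, `$_GET['id']` is spliced into the column name in `UPDATE polloftheweek SET clicks" . $_GET['id'] . " = …` after what appears to be only a loose `>= 1` / `<= 4` comparison. The start of that condition is not visible in this view, but a loose numeric comparison does not guarantee the value is a bare digit. Cast first, `$opt = (int) $_GET['id'];`, range-check `$opt`, and build the statement from it. Writing the increment as `"UPDATE polloftheweek SET clicks" . $opt . " = clicks" . $opt . " + 1 WHERE id = " . (int) $getpoll3['id']` also stops two simultaneous votes from overwriting each other, which the current read-then-write of `$getpoll3['clicks…'] + 1` allows.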

' . $getpoll3['question'] . '

Thank you for voting on the Poll of the Week!
Click here to visit the page for this poll.'); - - $template->display(); -} else if (!isset($_GET['id'])) +if (!isset($_GET['id'])) { $template = new FITemplate('pollIndex'); @@ -70,7 +55,7 @@ if (isset($_GET['submit'])) $template->adds_block('POLL', array( 'ID' => $getpolls3[$i]['id'], 'QUESTION' => $question, 'WEEK' => date('F jS Y', strtotime($getpolls3[$i]['week'])), - 'EVEN' => (($i % 2 == 1) ? ' CLASS="even"' : ''))); + 'EVEN' => (($i % 2 == 1) ? ' class="even"' : ''))); $i++; } @@ -94,8 +79,7 @@ if (isset($_GET['submit'])) $template->adds_block('NEXT', array('ID' => ($start+1))); } - include('pages/polloftheweek.php'); - + $template->add('POTW', getPollOfTheWeek()); $template->display(); } else { $template = new FITemplate('poll'); @@ -114,7 +98,7 @@ if (isset($_GET['submit'])) { $template->adds_block('COMPLETE', array( 'RSS' => parseText($getrss3['rss']), 'AUTHOR' => $getrss3['author'], - 'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getrss3['date'])), + 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getrss3['date'])), 'OPTION1' => $getpoll3['option1'], 'OPTION2' => $getpoll3['option2'], 'OPTION3' => $getpoll3['option3'], @@ -127,10 +111,7 @@ if (isset($_GET['submit'])) $template->adds_block('INCOMPLETE', array('exi'=>1)); } - $forceDisplay = $_GET['id']; - include('pages/polloftheweek.php'); - unset($forceDisplay); - + $template->add('POTW', getPollOfTheWeek($_GET['id'])); $template->display(); $page_id = 'polloftheweek-' . $getpoll3['id']; diff --git a/pages/post.php b/pages/post.php index 87413e8..121435a 100755 --- a/pages/post.php +++ b/pages/post.php 
@@ -22,74 +22,79 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} require('headerproc.php'); -$pageCategory = 'home'; -$pageAID = 'archive'; - include('includes/recaptchalib.php'); $privatekey = "6LfgvgEAAAAAAD0_UVLp57MU7tqcypsbZPS9qTnr"; -$template = new FITemplate('msg'); -$template->add('BACK','the previous page'); - -if (!isset($_GET['id'])) +if (!isset($_POST['id'])) { - $template->add('MSG','I\'m sorry, but there\'s no page-id set here, so sadly you can\'t comment yet. Why not contact the administratior (link on the HatBar) and tell her that you saw this error?'); + generateError('404'); } else { if ($_POST['comment'] == "") { - $template->add('MSG','I\'m sorry, but you didn\'t enter a comment!'); + die('I\'m sorry, but you didn\'t enter a comment!'); } else { if (!isLoggedIn()) { - $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); - if (!$resp->is_valid) + if ($_POST['username'] == "") { - $template->add('MSG',"The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")"); + die('You forgot to enter a username.'); } else { if (preg_match('/^[A-Za-z0-9!#$&\'*+-\/=?^_`{|}~]+@[-A-Za-z0-9]+(\.[-A-Za-z0-9]+)+[A-Za-z]$/', $_POST['email'])) { - $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $_POST['username'] . "\""; - $getanon2 = mysql_query($getanon); - $getanon3 = mysql_fetch_array($getanon2); - - if ($getanon3['username'] == $_POST['username']) + $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); + if (!$resp->is_valid) { - if ($getanon3['email'] == $_POST['email']) - { - $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . $getanon3['id'] . ", comment = \"" . $_POST['comment'] . 
"\", is_anon = 1"; - $setcomment2 = mysql_query($setcomment); + die('The reCAPTCHA wasn\'t entered correctly. Go back and try it again.'); + } else { + $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $_POST['username'] . "\""; + $getanon2 = mysql_query($getanon); + $getanon3 = mysql_fetch_array($getanon2); - $page_id = $_GET['id']; - $comType = substr($page_id,0,strpos($page_id,'-')); - $comID = substr($page_id,strpos($page_id,'-')+1); - if ($comType == 'updates') + if ($getanon3['username'] == $_POST['username']) + { + if ($getanon3['email'] == $_POST['email']) { - recalcPop($comID); + $setcomment = "INSERT INTO comments SET page_id = \"" . $_POST['id'] . "\", user_id = " . $getanon3['id'] . ", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; + $setcomment2 = mysql_query($setcomment); + $cid = mysql_insert_id(); + + $page_id = $_POST['id']; + $comType = substr($page_id,0,strpos($page_id,'-')); + $comID = substr($page_id,strpos($page_id,'-')+1); + if ($comType == 'updates') + { + recalcPop($comID); + } + + $template = new FITemplate('new-comment'); + $template->add('ID', $cid); + $template->add('CODEDEMAIL', md5(strtolower($getanon3['email']))); + $template->add('TEXT', stripslashes($_POST['comment'])); + $template->add('USERNAME', $getanon3['username']); + $template->add('DATE', date("F jS Y \a\\t g:i:s a")); + $template->display(); + + exit; + } else { + die('I\'m sorry, but this anonymous username is already in use. If this is in fact you, please verify that you have entered the same email address that you entered the first time you commented here.'); } - - $template->add('MSG',"Thank you, " . $getanon3['username'] . ", for posting your valuable comment!"); } else { - $template->add('MSG',"I'm sorry, but this anonymous username is already in use. 
If this is in fact you, please verify that you have entered the same email address that you entered the first time you commented here."); - } - } else { - $setcomment = "INSERT INTO moderation SET page_id = \"" . $_GET['id'] . "\", author = \"" . $_POST['username'] . "\", email = \"" . $_POST['email'] . "\", comment = \"" . $_POST['comment'] . "\", website = \"" . $_POST['website'] . "\""; - $setcomment2 = mysql_query($setcomment); - - mail('hatkirby@fourisland.com', 'New comment to moderate on Four Island', 'Some one has anonymously left a comment on Four Island and it will require moderation.'); + $setcomment = "INSERT INTO moderation SET page_id = \"" . $_POST['id'] . "\", author = \"" . $_POST['username'] . "\", email = \"" . $_POST['email'] . "\", comment = \"" . $_POST['comment'] . "\", website = \"" . $_POST['website'] . "\""; + $setcomment2 = mysql_query($setcomment); - $template->add('MSG',"Thank you for posting your valuable comment!

However, as you aren't logged in, your comment will have to be verified by a moderator before it appears. Sorry!"); + die('Thank you for posting your valuable comment!
However, as you aren\'t logged in, your comment will have to be verified by a moderator before it appears. Sorry!'); + } } } else { - $template->add('MSG',"I'm sorry, but you've entered an invalid email address."); + die('I\'m sorry, but you\'ve entered an invalid email address.'); } } } else { - $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . getSessionUserID() . ", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; + $setcomment = "INSERT INTO comments SET page_id = \"" . $_POST['id'] . "\", user_id = " . getSessionUserID() . ", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; $setcomment2 = mysql_query($setcomment); + $cid = mysql_insert_id(); - mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); - - $page_id = $_GET['id']; + $page_id = $_POST['id']; $comType = substr($page_id,0,strpos($page_id,'-')); $comID = substr($page_id,strpos($page_id,'-')+1); if ($comType == 'updates') @@ -97,11 +102,21 @@ if (!isset($_GET['id'])) recalcPop($comID); } - $template->add('MSG',"Thank you, " . getSessionUsername() . ", for posting your valuable comment!"); + $getuser = "SELECT * FROM phpbb_users WHERE user_id = " . getSessionUserID(); + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + + $template = new FITemplate('new-comment'); + $template->add('ID', $cid); + $template->add('CODEDEMAIL', md5(strtolower($getuser3['user_email']))); + $template->add('TEXT', stripslashes($_POST['comment'])); + $template->add('USERNAME', getSessionUsername()); + $template->add('DATE', date("F jS Y \a\\t g:i:s a")); + $template->display(); + + exit; } } } -$template->display(); - ?> diff --git a/pages/quotes.php b/pages/quotes.php index 6db3cb0..4e0332f 100755 --- a/pages/quotes.php +++ b/pages/quotes.php 
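Review bot: Every query in the first pages/post.php hunk concatenates `$_POST['id']`, `$_POST['username']`, `$_POST['email']`, `$_POST['comment']` and `$_POST['website']` straight into the SQL string, so correctness and safety both depend on `magic_quotes_gpc` being enabled (the later `stripslashes($_POST['comment'])` suggests that is the assumption). Escape explicitly at the point of use as pages/quotes.php already does, e.g. `comment = \"" . mysql_real_escape_string($_POST['comment']) . "\"`, after undoing magic quotes if they are on. Do the same for the other fields and for the INSERT in the logged-in branch of the next hunk. The reCAPTCHA private key on the context line near the top is also committed in the source; it would be better read from a config file outside the repository and rotated.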
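Review bot: In the logged-in branch, `$template->add('TEXT', stripslashes($_POST['comment']));` returns the submitted comment in the `new-comment` fragment as typed, whereas pages/admin.php renders stored comments through `parseText()`. Unless `FITemplate` escapes values itself (not visible here), the AJAX response carries whatever markup was submitted. Use the same renderer, `$template->add('TEXT', parseText(stripslashes($_POST['comment'])));`, or `htmlspecialchars()` if `parseText()` does not encode HTML. The same line appears in the anonymous-commenter branch of the previous hunk, where `USERNAME` is read from `anon_commenters` and deserves the same check.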
@@ -24,70 +24,92 @@ require('headerproc.php'); $pageCategory = 'quotes'; -if (isset($_GET['id'])) +$hatNav = array( array( 'title' => 'Latest', + 'url' => 'http://fourisland.com/quotes/latest.php', + 'icon' => '16-star-hot' + ), + array( 'title' => 'Best', + 'url' => 'http://fourisland.com/quotes/top.php', + 'icon' => 'medal_gold_1' + ), + array( 'title' => 'Worst', + 'url' => 'http://fourisland.com/quotes/bottom.php', + 'icon' => '16-message-warn' + ), + array( 'title' => 'Browse All', + 'url' => 'http://fourisland.com/quotes/browse.php', + 'icon' => '16-file-archive' + ), + array( 'title' => 'Random', + 'url' => 'http://fourisland.com/quotes/random.php', + 'icon' => '16-clock' + ), + array( 'title' => 'Add', + 'url' => 'http://fourisland.com/quotes/add.php', + 'icon' => '16-em-pencil' + ), + array( 'title' => 'Search', + 'url' => 'http://fourisland.com/quotes/search.php', + 'icon' => 'book_open' + )); + +if (isset($_GET['id']) && is_numeric($_GET['id'])) { $quote_num = $_GET['id']; } -if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) +if (isset($_GET['id']) && !(is_numeric($_GET['id']))) +{ + generateError('404'); +} else if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) { - $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY id DESC LIMIT 50"; + $query = "SELECT * FROM rash_quotes ORDER BY id DESC LIMIT 50"; quote_generation($query, "Latest", -1); } else if ($_GET['act'] == 'add') { $template = new FITemplate('quotes/add'); if (isset($_GET['submit'])) { - $template->adds_block('SUBMITTED',array('QUOTE' => (nl2br(htmlspecialchars($_POST['rash_quote'])) . "\n"))); + $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","
",htmlentities($_POST['rash_quote'])))); if (!isLoggedIn()) { $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; } else { - $today = mktime(date('G'),date('i'),date('s'),date('m'),date('d'),date('Y')); - $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . $today . "\")"; + $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . time() . "\")"; } $insquote2 = mysql_query($insquote); } $template->display(); } elseif ($_GET['act'] == 'bottom') { - $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating < 0 ORDER BY rating ASC LIMIT 50"; + $query = "SELECT * FROM rash_quotes WHERE rating < 0 ORDER BY rating ASC LIMIT 50"; quote_generation($query, "Bottom", -1); } elseif ($_GET['act'] == 'browse') { - $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY id ASC "; + $query = "SELECT * FROM rash_quotes ORDER BY id ASC "; quote_generation($query, "Browse", (isset($_GET['page']) ? $_GET['page'] : 1), 10, 5); } elseif ($_GET['act'] == 'flag') { - $template = new FITemplate('msg'); - $tracking_verdict = user_quote_status('flag', $quote_num, $template); - if ($tracking_verdict < 3) + $getfla = "SELECT * FROM rash_quotes WHERE id = " . $quote_num . " LIMIT 0,1"; + $getfla2 = mysql_query($getfla); + $getfla3 = mysql_fetch_array($getfla2); + + if ($getfla3['flag'] == 2) { - $getfla = "SELECT flag FROM rash_quotes WHERE id = " . $quote_num . " LIMIT 0,1"; - $getfla2 = mysql_query($getfla); - $getfla3 = mysql_fetch_array($getfla2); + die('0'); + } else { + $setfla = "UPDATE rash_quotes SET flag = 1 WHERE id = " . 
$quote_num; + $setfla2 = mysql_query($setfla); - if ($getfla3['flag'] == 2) - { - $template->add('MSG',"This quote has been flagged and rechecked by a moderator already."); - } elseif ($getfla3['flag'] == 1) - { - $template->add('MSG',"This quote is currently pending deletion."); - } else { - $template->add('MSG',"You have marked this quote for deletion."); - $setfla = "UPDATE rash_quotes SET flag = 1 WHERE id = " . $quote_num; - $setfla2 = mysql_query($setfla); - } + die('1'); } - $template->add('BACK','Quote #' . $quote_num); - $template->display(); } elseif ($_GET['act'] == 'random') { - $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY rand() LIMIT 50"; + $query = "SELECT * FROM rash_quotes ORDER BY rand() LIMIT 50"; quote_generation($query, "Random", -1); } elseif ($_GET['act'] == 'random2') { - $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 1 ORDER BY rand() LIMIT 50"; + $query = "SELECT * FROM rash_quotes WHERE rating > 1 ORDER BY rand() LIMIT 50"; quote_generation($query, "Random2", -1); } elseif ($_GET['act'] == 'search') { 
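Review bot: `$quote_num` is assigned only when `id` is present, but the `flag` branch (and the `vote` branch further down) uses it in `WHERE id = " . $quote_num` regardless, so `act=flag` without an `id` runs a malformed query. `is_numeric()` also accepts signs, decimals and exponent forms, which is wider than a row id. `ctype_digit($_GET['id'])` followed by `$quote_num = (int) $_GET['id'];` is tighter, with a 404 from `flag` and `vote` when `$quote_num` is not set. The `flag` branch also sets `flag = 1` and answers `1` for any caller, with no login or rate check; if that is intended, a comment saying so would help the next reader.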
@@ -99,22 +121,24 @@ if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) } else { $how = 'asc'; } - $getquotes = "SELECT id, quote, rating, flag FROM rash_quotes WHERE quote LIKE \"%" . $_POST['search'] . "%\" ORDER BY " . $_POST['sortby'] . " " . $how . " LIMIT 0," . $_POST['number']; + $getquotes = "SELECT * FROM rash_quotes WHERE quote LIKE \"%" . $_POST['search'] . "%\" ORDER BY " . $_POST['sortby'] . " " . $how . " LIMIT 0," . $_POST['number']; quote_generation($getquotes, "Query Results", -1); } $template = new FITemplate('quotes/search'); $template->display(); } elseif ($_GET['act'] == 'top') { - $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 0 ORDER BY rating DESC LIMIT 50"; + $query = "SELECT * FROM rash_quotes WHERE rating > 0 ORDER BY rating DESC LIMIT 50"; quote_generation($query, "Top", -1); } elseif ($_GET['act'] == 'vote') { - $template = new FITemplate('msg'); - $tracking_verdict = user_quote_status('vote', $quote_num,$template); - $template->add('BACK','Quote #' . $quote_num); - $template->display(); - if ($tracking_verdict < 3) + $gettrack = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; + $gettrack2 = mysql_query($gettrack); + $gettrack3 = mysql_fetch_array($gettrack2); + + $trackArr = explode(',',$gettrack3['vote']); + + if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($quote_num,$trackArr) === FALSE)) { if ($_GET['dir'] == "plus") { 
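Review bot: The rewritten `$getquotes` line in the search branch still concatenates `$_POST['search']`, `$_POST['sortby']` and `$_POST['number']` into the statement, and `sortby` lands in the ORDER BY clause, where escaping cannot help. The search term needs escaping, the sort column should be chosen from a fixed list, and the limit should be an integer with an upper bound, as sketched below. The `if` guarding this branch starts outside the hunk.

```php
// … unchanged: $how selection above …
$sortable = array('id', 'rating', 'date'); // columns of rash_quotes that are sensible sort keys
$sortby = in_array($_POST['sortby'], $sortable, true) ? $_POST['sortby'] : 'id';
$limit = max(1, min(50, (int) $_POST['number'])); // 50 is a constructed cap, in line with the other listings
$search = mysql_real_escape_string($_POST['search']);
$getquotes = "SELECT * FROM rash_quotes WHERE quote LIKE \"%" . $search . "%\" ORDER BY " . $sortby . " " . $how . " LIMIT 0," . $limit;
```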
@@ -125,18 +149,32 @@ if ((!isset($_GET['act'])) || ($_GET['act'] == 'latest')) $setquote = "UPDATE rash_quotes SET rating = rating-1 WHERE id = " . $quote_num; $setquote2 = mysql_query($setquote); } - } -} else { - if ((is_int($_GET['act']) || ($_GET['act'] != false)) && (verify_int($_GET['act']))) - { - $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE id = " . $_GET['act']; - quote_generation($query, "#" . $_GET['act'], -1); - $page_id = 'quote-' . $_GET['act']; - include('includes/comments.php'); + if ($gettrack3['ip'] == $_SERVER['REMOTE_ADDR']) + { + $settrack = "UPDATE rash_tracking SET vote = \"" . $gettrack3['vote'] . "," . $quote_num . "\" WHERE id = " . $gettrack3['id']; + } else { + $settrack = "INSERT INTO tracking (ip,vote) VALUES (\"" . $_SERVER['REMOTE_ADDR'] . "\",\"" . $quote_num . "\")"; + } + $settrack2 = mysql_query($settrack) or die($settrack); + + $getquote = "SELECT * FROM rash_quotes WHERE id = " . $quote_num; + $getquote2 = mysql_query($getquote); + $getquote3 = mysql_fetch_array($getquote2); + + die($getquote3['rating']); } else { - generateError('404'); + die; } +} else if (is_numeric($_GET['act'])) +{ + $query = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act']; + quote_generation($query, "#" . $_GET['act'], -1); + + $page_id = 'quote-' . $_GET['act']; + include('includes/comments.php'); +} else { + generateError('404'); } function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_limit = 10) 
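Review bot: The first-vote branch writes to `tracking` (`INSERT INTO tracking (ip,vote) …`) while the lookup and the UPDATE beside it use `rash_tracking`. Unless `tracking` also has a `vote` column, a first-time voter is never recorded where the check reads and can vote again. The statement should presumably read `INSERT INTO rash_tracking (ip,vote) VALUES (…)`. `mysql_query($settrack) or die($settrack)` also prints the full SQL text to the client on failure; log it server-side and return a fixed error value instead. The rating UPDATE runs before the tracking write, so a failed tracking write still leaves the vote counted.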
@@ -152,13 +190,56 @@ function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_l } $template->add('ORIGIN',$origin); + $gettrack = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; + $gettrack2 = mysql_query($gettrack); + $gettrack3 = mysql_fetch_array($gettrack2); + + $trackArr = explode(',',$gettrack3['vote']); + $getquotes2 = mysql_query($query); $i=0; while ($getquotes3[$i] = mysql_fetch_array($getquotes2)) { - $template->adds_block('QUOTES',array( 'NUMBER' => $getquotes3[$i]['id'], - 'RATING' => $getquotes3[$i]['rating'], - 'QUOTE' => parseSmilies(str_replace("\n","
",stripslashes($getquotes3[$i]['quote']))))); + if (!isset($curID)) + { + $curID = 0; + } else { + $curID++; + } + + $cntcomments = "SELECT COUNT(*) FROM comments WHERE page_id = \"quote-" . $getquotes3[$i]['id'] . "\""; + $cntcomments2 = mysql_query($cntcomments); + $cntcomments3 = mysql_fetch_array($cntcomments2); + + if ($cntcomments3['COUNT(*)'] == 0) + { + $comments = ''; + } else if ($cntcomments3['COUNT(*)'] == 1) + { + $comments = '1 Comment'; + } else { + $comments = $cntcomments3['COUNT(*)'] . ' Comments'; + } + + $template->add_ref($curID,'QUOTES',array( 'NUMBER' => $getquotes3[$i]['id'], + 'RATING' => $getquotes3[$i]['rating'], + 'DATE' => ($getquotes3[$i]['date'] != 0 ? date('F jS Y \a\\t g:i:s a', $getquotes3[$i]['date']) : ''), + 'QUOTE' => str_replace("\n","
",htmlentities(stripslashes($getquotes3[$i]['quote']))), + 'COMMENTS' => $comments)); + + if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($getquotes3[$i]['id'],$trackArr) === FALSE)) + { + $template->adds_ref_sub($curID, 'CANVOTE', array('exi'=>1)); + } else { + $template->adds_ref_sub($curID, 'NOVOTE', array('exi'=>1)); + } + + if ($getquotes3[$i]['flag'] == 0) + { + $template->adds_ref_sub($curID, 'CANFLAG', array('exi'=>1)); + } else { + $template->adds_ref_sub($curID, 'NOFLAG', array('exi'=>1)); + } $i++; } @@ -170,7 +251,7 @@ function page_numbers($template, $origin, $quote_limit, $page_default, $page_lim { $numrows = countRows('rash_quotes'); $testrows = $numrows; - $pagenum = (($testrows + 1) / ($quote_limit > 0 ? $quote_limit : 1)); + $pagenum = floor(($testrows + 1) / ($quote_limit > 0 ? $quote_limit : 1)); if (($page_limit % 2)) { 
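Review bot: `htmlentities(stripslashes($getquotes3[$i]['quote']))` now encodes on output, but anonymously submitted quotes are already stored through `htmlspecialchars()` (the `rash_queue` INSERT in the `add` branch) and copied unchanged on approval in pages/admin.php. Those quotes will therefore display doubled entities such as `&amp;lt;`. Store the raw text on both paths and encode only here, or decode queued quotes on approval. `htmlentities()` is also called without a charset, so the result depends on the PHP default; passing the site's encoding explicitly avoids mangled non-ASCII quotes. The `COUNT(*)` query inside the loop runs once per quote, where one grouped query before the loop would give the same numbers.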
@@ -227,86 +308,4 @@ function page_numbers($template, $origin, $quote_limit, $page_default, $page_lim $template->add('LASTPAGE',$pagenum); } -function user_quote_status($where, $quote_num, $template) -{ - $tracking_verdict = ip_track($where, $quote_num); - if ($where != 'flag') - { - switch ($tracking_verdict) - { - case 1: - $template->add('TRACKING',"Quote has been modified, and data of your action has been recorded in the database."); - break; - case 2: - $template->add('TRACKING',"Quote has been modified, your IP has been logged, and data of your action has been recorded in the database."); - break; - case 3: - $template->add('TRACKING',"You have already voted on this quote, please try again later."); - break; - } - } - return $tracking_verdict; -} - -function ip_track($where, $quote_num) -{ - switch ($where) - { - case 'flag': - $where2 = 'vote'; - break; - case 'vote': - $where2 = 'flag'; - break; - } - - $getip = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; - $getip2 = mysql_query($getip); - $getip3 = mysql_fetch_array($getip2); - - if ($getip3['ip'] == $_SERVER['REMOTE_ADDR']) - { - $quote_array = explode(",", $getip3['quote_id']); - $quote_place = array_search($quote_num, $quote_array); - if (in_array($quote_num, $quote_array)) - { - $where_result = explode(",", $getip3[$where]); - if (!isset($where_result[$quote_place])) - { - $where_result[$quote_place] = 1; - $where_result = implode(",", $where_result); - $setip = "UPDATE rash_tracking SET " . $where . " = \"" . $where_result . "\" WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; - $setip2 = mysql_query($getip); - return 1; - } else { - return 3; - } - } else { - $setip = "UPDATE rash_tracking SET " . $where . " = CONCAT(" . $where . ",\",1\"), " . $where2 . " = CONCAT(" . $where2 . ",\",0\"), quote_id = CONCAT(quote_id,\"," . $quote_num . "\") WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . 
"\""; - $setip2 = mysql_query($setip); - return 1; - } - } else { - $insip = "INSERT INTO rash_tracking (ip, quote_id, " . $where . ", " . $where2 . ") VALUES (\"" . $_SERVER['REMOTE_ADDR'] . "\", \"" . $quote_num . "\", 1, 0)"; - $insip2 = mysql_query($insip); - return 2; - } -} - -function verify_int($subject) -{ - $ymax = strlen($subject); - $y = 0; - while($y < $ymax) - { - if ((is_int((int)($subject{$y})) && (int)($subject{$y})) || (int)($subject{$y}) === 0 ) - { - $y++; - } else { - return false; - } - } - return true; -} - ?> diff --git a/pages/vote.php b/pages/vote.php index 667b5c9..339bbf9 100755 --- a/pages/vote.php +++ b/pages/vote.php 
@@ -22,46 +22,34 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} require('headerproc.php'); -$pageCategory = 'home'; -$pageAID = 'archive'; - $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id']; $getpost2 = mysql_query($getpost); $getpost3 = mysql_fetch_array($getpost2); if ($getpost3['id'] == $_GET['id']) { - $template = new FITemplate('msg2'); - $template->add('BACK','Back to ' . stripslashes($getpost3['title'])); - $template->add('LINK','/blog/' . $getpost3['slug'] . '/'); - if ($_GET['dir'] == 'plus') { - if (updatePop($_GET['id'],'rating')) - { - $template->add('MSG','Thank you for voting!'); - } else { - $template->add('MSG','I\'m sorry, but you\'ve already voted on this post.'); - } + $add = 1; } else if ($_GET['dir'] == 'minus') { - if (updatePop($_GET['id'],'rating',-1)) - { - $template->add('MSG','Thank you for voting!'); - } else { - $template->add('MSG','I\'m sorry, but you\'ve already voted on this post.'); - } + $add = -1; + } else { + die; + } + + if (updatePop($_GET['id'],'rating',$add)) + { + $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id']; + $getpost2 = mysql_query($getpost); + $getpost3 = mysql_fetch_array($getpost2); + + die($getpost3['rating']); } else { - $template = new FITemplate('msg'); - $template->add('BACK','the previous page'); - $template->add('MSG','Um, what on earth are you doing?'); + die; } } else { - $template = new FITemplate('msg'); - $template->add('BACK','the previous page'); - $template->add('MSG','Um, what on earth are you doing?'); + generateError('404'); } -$template->display(); - ?> diff --git a/pages/welcome.php b/pages/welcome.php index e224c8e..26f9938 100755 --- a/pages/welcome.php +++ b/pages/welcome.php 
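Review bot: `"SELECT * FROM updates WHERE id = " . $_GET['id']` runs before any check on `id`, and the re-select added after `updatePop()` repeats the same concatenation. Cast once at the top with `$postId = (int) $_GET['id'];` and use `$postId` in both queries, in the `==` comparison and in the `updatePop()` call. The bare `die;` gives the AJAX caller an empty body for both an already-cast vote and an unknown `dir`; a short status value, as pages/quotes.php does with `die('0')`, would let the client tell them apart.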
@@ -22,13 +22,24 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} require('headerproc.php'); -$pageCategory = 'home'; +$pageCategory = 'blog'; + +$hatNav = array( array( 'title' => 'Archive', + 'url' => 'http://fourisland.com/blog/', + 'icon' => '16-file-archive')); + $template = new FITemplate('post'); $template->adds_block('EXTERNAL',array('exi'=>1)); $curID = 0; +$gettrack = "SELECT * FROM tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; +$gettrack2 = mysql_query($gettrack); +$gettrack3 = mysql_fetch_array($gettrack2); + +$trackArr = explode(',',$gettrack3['rating']); + $getpost = "SELECT * FROM updates ORDER BY id DESC LIMIT 0,4"; $getpost2 = mysql_query($getpost); while ($getpost3 = mysql_fetch_array($getpost2)) @@ -59,7 +70,7 @@ while ($getpost3 = mysql_fetch_array($getpost2)) $template->add_ref($curID, 'POST', array( 'ID' => $getpost3['id'], 'YEARID' => ((date('Y',strtotime($getpost3['pubDate']))-2006) % 4), - 'DATE' => date('F dS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])), + 'DATE' => date('F jS Y \a\\t g:i:s a',strtotime($getpost3['pubDate'])), 'MONTH' => date('M',strtotime($getpost3['pubDate'])), 'DAY' => date('d',strtotime($getpost3['pubDate'])), 'CODED' => $getpost3['slug'], @@ -76,6 +87,13 @@ while ($getpost3 = mysql_fetch_array($getpost2)) $template->adds_ref_sub($curID, 'TAGS', array('TAG' => $tag)); } + if (($gettrack3['ip'] != $_SERVER['REMOTE_ADDR']) || (array_search($getpost3['id'],$trackArr) === FALSE)) + { + $template->adds_ref_sub($curID, 'CANVOTE', array('exi'=>1)); + } else { + $template->adds_ref_sub($curID, 'NOVOTE', array('exi'=>1)); + } + $curID++; } -- cgit 1.4.1