disinclined.org / git / dylansserver.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
comment-form now in view/comment-form.php
[dylansserver.git] / cms.php
1 <?php
2
3 abstract class cms {
4
5 private $config_file = '/etc/dylansserver.ini';
6 protected $db;
7 protected $recaptcha_publickey;
8 protected $recaptcha_privatekey;
9 public $title;
10 public $home_link;
11
12 public function __construct() {
13 $config = parse_ini_file($this->config_file, true);
14 $this->db = new mysqli(
15 $config['database']['domain'],
16 $config['database']['user'],
17 $config['database']['password'],
18 $config['database']['database']);
19 if (mysqli_connect_errno()) {
20 echo "Problem connecting to database: ";
21 echo mysqli_connect_error();
22 exit();
23 }
24 $this->recaptcha_publickey = $config['recaptcha']['publickey'];
25 $this->recaptcha_privatekey = $config['recaptcha']['privatekey'];
26 $this->title = $config['site']['default_title'];
27 $this->home_link = $config['site']['home_link'];
28 ob_start();
29 }
30
31 public static function determine_type() {
32 if (isset($_GET['page']) && is_numeric($_GET['page'])) {
33 return 'page';
34 } else if (isset($_GET['year'])) {
35 return 'archive';
36 } else if (isset($_GET['note'])) {
37 return 'note';
38 } else if ($_SERVER['REQUEST_URI'] == '/') {
39 return 'index';
40 } else if (isset($_GET['project'])) {
41 return 'project';
42 } else if (isset($_GET['rss'])) {
43 return 'rss';
44 } else if (isset($_GET['challenge'])) {
45 return 'captcha';
46 }
47 }
48
49 public function query() {
50 $args = func_get_args();
51 $statement = $this->db->prepare($args[0]);
52 $args = array_slice($args, 1);
53 call_user_func_array(array($statement, 'bind_param'), &$args);
54 $statement->execute();
55 $return = array();
56 $statement->store_result();
57 $row = array();
58 $data = $statement->result_metadata();
59 $fields = array();
60 $fields[0] = &$statement;
61 while($field = $data->fetch_field()) {
62 $fields[] = &$row[$field->name];
63 }
64 call_user_func_array("mysqli_stmt_bind_result", $fields);
65 $i = 0;
66 while ($statement->fetch()) {
67 foreach ($row as $key=>$value) $return[$i][$key] = $value;
68 $i++;
69 }
70 $statement->free_result();
71 return $return;
72 }
73
74 public function init() {
75 switch (cms::determine_type()) {
76 case 'index':
77 $index = new index();
78 $index->display();
79 break;
80 case 'project':
81 $project = new project();
82 $project->display();
83 break;
84 case 'note':
85 $note = new note;
86 $note->display();
87 break;
88 case 'page':
89 $page = new page;
90 $page->display();
91 break;
92 case "rss":
93 $rss = new rss();
94 $rss->display();
95 break;
96 case 'archive':
97 $archive = new archive;
98 $archive->display();
99 break;
100 case "captcha":
101 $captcha = new captcha;
102 $captcha->display();
103 break;
104 }
105 }
106
107 }
108
109
110 class index extends cms {
111
112 public function display() {
113 require_once("view/index.php");
114 }
115
116 protected function display_exhibits() {
117 echo "<div id='exhibit'>";
118 $sql = "SELECT text FROM projects ORDER BY rank";
119 $result = $this->db->query($sql);
120 while ($entry = $result->fetch_object()) {
121 echo $entry->text;
122 }
123 echo "</div>";
124 }
125
126 private function list_projects() {
127 $sql = "SELECT title FROM projects ORDER BY rank";
128 $result = $this->db->query($sql);
129 while ($entry = $result->fetch_object()) {
130 echo "<li><a class='tab' href='$entry->title'>$entry->title</a></li>";
131 }
132 }
133
134 }
135
136
137 class project extends index {
138
139 protected function display_exhibits() {
140 echo "<div id='exhibit'>";
141 $sql = "SELECT text FROM projects
142 WHERE title = ?";
143 $result = $this->query($sql, "s", $_GET['project']);
144 if ($result = $result[0]['text']) {
145 $text = str_replace("class='exhibit'", "class='exhibit' style='display:block;'", $result);
146 echo $text;
147 echo "</div>";
148 } else {
149 throw new notFound();
150 }
151 }
152
153 }
154
155
156 class page extends cms {
157
158 private $page = 1;
159 private $offset = 0;
160 private $notes_per_page = 4;
161 private $number_of_pages = 1;
162
163 public function __construct() {
164 parent::__construct();
165 $this->page_offset();
166 }
167
168 private function page_offset() {
169 $sql = "SELECT COUNT(*) FROM notes";
170 $result = $this->db->query($sql);
171 $result = $result->fetch_array();
172 $this->number_of_pages = ceil($result[0] / $this->notes_per_page);
173 if (isset($_GET['page']) && is_numeric($_GET['page'])) {
174 $this->page = (int) $_GET['page'];
175 } else {
176 throw new notFound();
177 }
178 if ($this->page > $this->number_of_pages) {
179 throw new notFound();
180 }
181 if ($this->page < 1) {
182 throw new notFound();
183 }
184 $this->offset = ($this->page - 1) * $this->notes_per_page;
185 }
186
187 public function display() {
188 require_once("view/page.php");
189 }
190
191 public function display_notes() {
192 echo "<div id='notes'>";
193 $sql = "SELECT date_posted, title, url, text
194 FROM notes ORDER BY date_posted DESC
195 LIMIT ?, ?";
196 $result = $this->query($sql, "ii",
197 $this->offset,
198 $this->notes_per_page);
199 foreach ($result as $row => $entry) {
200 $title = $entry['title'];
201 $url = '/note/' . $entry['url'];
202 $date_posted = explode("-", $entry['date_posted']);
203 $year_posted = $date_posted[0];
204 $month_posted = $date_posted[1];
205 $datetime_posted = explode(' ', $date_posted[2]);
206 $day_posted = $datetime_posted[0];
207 $text = $entry['text'];
208 echo <<<END_NOTE
209 <div class='note'>
210 <h1>
211 <span class='date'>$year_posted/$month_posted/$day_posted/</span><a rel="canonical" href='$url'>$title</a>
212 </h1>
213 $text
214 </div>
215 END_NOTE;
216 }
217 echo "</div>";
218 }
219 }
220
221
222 class note extends cms {
223
224 private $id;
225 private $comments_enabled = false;
226 private $failed_captcha;
227 public $url;
228 public $title;
229 public $year_posted;
230 public $month_posted;
231 public $day_posted;
232 public $text;
233 public $number_of_comments;
234
235 public function __construct() {
236 parent::__construct();
237 if (isset($_GET['comments'])) {
238 $this->comments_enabled = true;
239 }
240 $url = htmlspecialchars($_SERVER['REQUEST_URI']);
241 if (isset($_GET['verify'])) {
242 $url = substr($url, 0, (strlen($url)-6));
243 }
244 $this->url = $url;
245 $sql = "SELECT title, date_posted, text, id
246 FROM notes WHERE url = ?";
247 $result = $this->query($sql, "s",
248 $_GET['note']);
249 if ($result) {
250 $entry = $result[0];
251 $this->id = $entry["id"];
252 $this->title = $entry["title"];
253 $date_posted = explode("-", $entry["date_posted"]);
254 $this->year_posted = $date_posted[0];
255 $this->month_posted = $date_posted[1];
256 $datetime_posted = explode(' ', $date_posted[2]);
257 $this->day_posted = $datetime_posted[0];
258 $this->text = $entry["text"];
259 } else {
260 throw new notFound();
261 }
262 $sql = "SELECT COUNT(*) FROM comments
263 WHERE note = $this->id";
264 $result = $this->db->query($sql);
265 $result = $result->fetch_array();
266 $this->number_of_comments = $result[0];
267 if (isset($_GET['verify'])) {
268 $this->verify();
269 }
270 }
271
272 public function display() {
273 require_once("view/note.php");
274 }
275
276 private function verify() {
277 if (!isset($_POST['captcha'])) {
278 require_once('includes/recaptchalib.php');
279 echo "<br>";
280 $resp = recaptcha_check_answer ($this->recaptcha_privatekey,
281 $_SERVER["REMOTE_ADDR"],
282 $_POST["recaptcha_challenge_field"],
283 $_POST["recaptcha_response_field"]);
284 if (!$resp->is_valid) {
285 $this->failed_captcha = true;
286 }
287 }
288 if (isset($_POST['captcha']) || $resp->is_valid) {
289 $sql = ("INSERT INTO comments (date_posted, author,
290 text, note)
291 VALUES(NOW(), ?, ?, ?)");
292 $stmt = $this->db->prepare($sql);
293 // Checks are needed here (no blank text,
294 // and a default author needs to be set
295 // for no-javascript users.
296 $stmt->bind_param('sss',
297 $_POST['name'],
298 $_POST['text'],
299 $this->id);
300 $stmt->execute();
301 }
302 }
303
304 private function display_comment_link() {
305 if ($this->number_of_comments > 0) {
306 $anchor_text = "comments($this->number_of_comments)/";
307 } else {
308 $anchor_text = "comment?";
309 }
310 if (substr($this->url, (strlen($this->url)-1), strlen($this->url)) == '/') {
311 $url = $this->url . 'comments/';
312 } else {
313 $url = $this->url . '/comments/';
314 }
315 echo "<a id='comment_link' href='$url'>$anchor_text</a>";
316 }
317
318 private function display_comments() {
319 echo "<div id='comments'>";
320 $sql= "SELECT date_posted, author, text
321 FROM comments WHERE note = ?
322 ORDER BY date_posted DESC";
323 $result = $this->query($sql, 'd', $this->id);
324 foreach ($result as $row => $entry) {
325 $date_posted = $entry['date_posted'];
326 $author = $entry['author'];
327 $text = htmlspecialchars($entry['text']);
328 $head = "<h3>" . htmlspecialchars($author) . "</h3>";
329 echo "<div class='comment'>";
330 echo $head;
331 echo $text;
332 echo "</div>";
333 }
334 echo "</div>";
335 }
336
337 private function display_comment_form() {
338 $publickey = $this->recaptcha_publickey;
339 require_once("view/comment-form.php");
340 }
341 }
342
343
344 class archive extends cms {
345
346 public function __construct() {
347 parent::__construct();
348 }
349
350 private function check_exists() {
351 $sql = "SELECT COUNT(*) FROM notes
352 WHERE url = ?";
353 $results = $this->query($sql, "s", $_GET['note']);
354 if ($results[0]["COUNT(*)"] != 1) {
355 $this->not_found();
356 }
357 }
358
359 public function display() {
360 require_once("view/archive.php");
361 }
362
363 public function display_notes() {
364 switch (true) {
365 case (isset($_GET['year']) && !isset($_GET['month'])
366 && !isset($_GET['day'])):
367 $sql = "SELECT title, url, date_posted, text
368 FROM notes WHERE YEAR(date_posted) = ?
369 ORDER BY date_posted DESC";
370 $result = $this->query($sql, "d",
371 $_GET['year']);
372 break;
373 case (isset($_GET['year']) && isset($_GET['month'])
374 && !isset($_GET['day'])):
375 $sql = "SELECT title, url, date_posted, text
376 FROM notes WHERE YEAR(date_posted) = ?
377 AND MONTH(date_posted) = ?
378 ORDER BY date_posted DESC";
379 $result = $this->query($sql, "dd",
380 $_GET['year'], $_GET['month']);
381 break;
382 case (isset($_GET['year']) && isset($_GET['month'])
383 && isset($_GET['day'])):
384 $sql = "SELECT title, url, date_posted, text
385 FROM notes WHERE YEAR(date_posted) = ?
386 AND MONTH(date_posted) = ?
387 AND DAY(date_posted) = ?
388 ORDER BY date_posted DESC";
389 $result = $this->query($sql, "ddd",
390 $_GET['year'], $_GET['month'],
391 $_GET['day']);
392 break;
393 }
394 if (count($result) >= 1) {
395 echo "<div id='notes'>";
396 foreach ($result as $row => $entry) {
397 $title = $entry['title'];
398 $url = '/note/' . $entry['url'];
399 $date_posted = explode("-", $entry['date_posted']);
400 $year_posted = $date_posted[0];
401 $month_posted = $date_posted[1];
402 $datetime_posted = explode(' ', $date_posted[2]);
403 $day_posted = $datetime_posted[0];
404 echo "<div class='note'>";
405 echo "<h1><span class='date'>";
406 echo "$year_posted/$month_posted/$day_posted/";
407 echo "</span><a href='$url'>$title</a></h1>";
408 echo $entry['text'];
409 echo "</div>";
410 }
411 echo "</div>";
412 } else {
413 echo "<br>";
414 echo "<h1>sorry, nothing here</h2>";
415 echo "<pre>Empty set (0.00 sec)</pre>";
416 }
417 }
418
419 }
420
421
422 class rss extends cms {
423
424 public function display() {
425 require_once("view/rss.php");
426 }
427
428 public function display_items() {
429 $result = $this->db->query("SELECT date_posted, title, text, url
430 FROM notes ORDER BY date_posted DESC
431 LIMIT 5");
432 while ($entry = $result->fetch_object()) {
433 $title = $entry->title;
434 $date_posted = $entry->date_posted;
435 $url = "http://dylansserver.com/note/" . $entry->url;
436 $text = $entry->text;
437 $text = strip_tags($text);
438 $end_of_first_sentence = strpos($text, '.');
439 if ($end_of_first_sentence) {
440 $end_of_second_sentence = strpos($text, '.', ($end_of_first_sentence + 1));
441 if ($end_of_second_sentence) {
442 $description = substr($text, '0', ($end_of_second_sentence + 1));
443 } else {
444 $description = substr($text, '0', ($end_of_first_sentence + 1));
445 }
446 }
447 echo "<item>";
448 echo " <title>$title</title>";
449 echo " <link>$url</link>";
450 echo " <guid>$url</guid>";
451 echo " <description>$description</description>";
452 echo "</item>";
453 }
454 }
455 }
456
457
458 class notFound extends Exception {
459
460 public function __construct() {
461 header('HTTP/1.0 404 Not Found');
462 ob_end_clean();
463 include('404.php');
464 exit();
465 }
466
467 }
468
469
470 class captcha extends cms {
471
472 public function display() {
473 $challenge = $_GET['challenge'];
474 $response = $_GET['response'];
475 $remoteip = $_SERVER['REMOTE_ADDR'];
476 $curl = curl_init('http://api-verify.recaptcha.net/verify?');
477 curl_setopt ($curl, CURLOPT_POST, 4);
478 curl_setopt ($curl, CURLOPT_POSTFIELDS, "privatekey=$this->recaptcha_privatekey&remoteip=$remoteip&challenge=$challenge&response=$response");
479 $result = curl_exec ($curl);
480 curl_close ($curl);
481 }
482
483 }
484
485 ?>
my (old) website