X-Git-Url: https://disinclined.org/git/?a=blobdiff_plain;f=index.php;h=a0c48f28f6c230c0ac45f4d3206670cc6bdf856f;hb=deb56dae38123d0a47612f01fe40122dbe001147;hp=29e4076463cc821d8fdda546f037b2436c5c6adb;hpb=6f04d2b1c7461b1c50dd3c9f895baabafc4d6db4;p=dylansserver.git diff --git a/index.php b/index.php index 29e4076..a0c48f2 100644 --- a/index.php +++ b/index.php @@ -3,25 +3,31 @@ abstract class cms { private $config_file = '/etc/dylanstestserver.ini'; protected $db; + protected $recaptcha_publickey; + protected $recaptcha_privatekey; public function __construct() { - $config = parse_ini_file($this->config_file); + $config = parse_ini_file($this->config_file, true); $this->db = new mysqli( - $config['domain'], - $config['user'], - $config['password'], - $config['database']); + $config[database]['domain'], + $config[database]['user'], + $config[database]['password'], + $config[database]['database']); if (mysqli_connect_errno()) { echo "Problem connecting to database: "; echo mysqli_connect_error(); exit(); } + $this->recaptcha_publickey = $config[recaptcha]['publickey']; + $this->recaptcha_privatekey = $config[recaptcha]['privatekey']; ob_start(); } public static function determine_type() { if (isset($_GET['page']) && is_numeric($_GET['page'])) { return 'page'; + } else if (isset($_GET['year'])) { + return 'archive'; } else if (isset($_GET['note'])) { return 'note'; } else if ($_SERVER['REQUEST_URI'] == '/') { @@ -49,7 +55,7 @@ abstract class cms { call_user_func_array("mysqli_stmt_bind_result", $fields); $i = 0; while ($statement->fetch()) { - foreach ($row as $key1=>$value1) $return[$i][$key1] = $value1; + foreach ($row as $key=>$value) $return[$i][$key] = $value; $i++; } $statement->free_result(); @@ -60,9 +66,11 @@ abstract class cms { $home_link = "/") { $scripts = ""; $stylesheets = ""; - if (cms::determine_type() == "index") { + if ($this->determine_type() == "index") { $scripts = ""; } echo <<display_head(); 
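Review bot: The new section lookups in `cms::__construct()` use bare words as array keys (`$config[database]`, `$config[recaptcha]`), which PHP resolves as undefined constants. Older versions fall back to the string with a notice, but PHP 8 throws an `Error`, so the database settings and the reCAPTCHA keys would never load there. Quote the keys, e.g. `$config['database']['domain']` and `$config['recaptcha']['privatekey']`. It is also worth checking that `parse_ini_file()` did not return `false` before indexing, since a missing or unreadable ini file otherwise reaches `new mysqli()` with empty credentials.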
@@ -285,9 +297,203 @@ class page extends cms { class note extends cms { + private $id; + private $comments_enabled = false; + private $failed_captcha; + public $url; + public $title; + public $year_posted; + public $month_posted; + public $day_posted; + public $text; + public $number_of_comments; + + public function __construct($comments_enabled = false) { + parent::__construct(); + $this->comments_enabled = $comments_enabled; + $url = htmlspecialchars($_SERVER['REQUEST_URI']); + if (isset($_GET['verify'])) { + $url = substr($url, 0, (strlen($url)-6)); + } + $this->url = $url; + $sql = "SELECT title, date_posted, text, id + FROM notes WHERE url = ?"; + $result = $this->query($sql, "s", + $_GET['note']); + if ($result) { + $entry = $result[0]; + $this->id = $entry["id"]; + $this->title = $entry["title"]; + $date_posted = explode("-", $entry["date_posted"]); + $this->year_posted = $date_posted[0]; + $this->month_posted = $date_posted[1]; + $datetime_posted = explode(' ', $date_posted[2]); + $this->day_posted = $datetime_posted[0]; + $this->text = $entry["text"]; + } else { + throw new notFound(); + } + $sql = "SELECT COUNT(*) FROM comments + WHERE note = $this->id"; + $result = $this->db->query($sql); + $result = $result->fetch_array(); + $this->number_of_comments = $result[0]; + if (isset($_GET['verify'])) { + $this->verify(); + } + } + + public function display() { + $this->display_head(); + $this->display_note(); + if ($this->comments_enabled) { + $this->display_comments(); + $this->display_comment_form(); + } + $this->write_navigation(); + $this->display_close(); + } + + private function verify() { + require_once('includes/recaptchalib.php'); + echo "
"; + $resp = recaptcha_check_answer ($this->recaptcha_privatekey, + $_SERVER["REMOTE_ADDR"], + $_POST["recaptcha_challenge_field"], + $_POST["recaptcha_response_field"]); + if (!$resp->is_valid) { + $this->failed_captcha = true; + } else { + $sql = ("INSERT INTO comments (date_posted, author, + email, text, note) + VALUES(NOW(), ?, ?, ?, ?)"); + $stmt = $this->db->prepare($sql); + // Checks are needed here (no blank text, + // and a default author / email need to be set + $stmt->bind_param('ssss', + htmlspecialchars($_POST['author']), + htmlspecialchars($_POST['email']), + htmlspecialchars($_POST['text']), + $this->id); + $stmt->execute(); + } + } + + private function display_note() { + echo "
"; + echo "

$this->year_posted/$this->month_posted/$this->day_posted/$this->title

"; + echo $this->text; + } + + private function write_navigation() { + echo << +
+

+END_OF_NAVIGATION; + if ($this->failed_captcha) { + echo "sorry, reCAPTCHA said you're not human.


"; + } + if (!$this->comments_enabled) { + $this->display_comment_link(); + } + echo <<notes/ +

+
+END_OF_NAVIGATION; + } + + private function display_comment_link() { + if ($this->number_of_comments > 0) { + $anchor_text = "comments ($this->number_of_comments)"; + } else { + $anchor_text = "comment?"; + } + if (substr($this->url, (strlen($this->url)-1), strlen($this->url)) == '/') { + $url = $this->url . 'comments/'; + } else { + $url = $this->url . '/comments/'; + } + echo "$anchor_text"; + } + + private function display_comments() { + echo "
"; + $sql= "SELECT date_posted, author, email, text + FROM comments WHERE note = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, "d", $this->id); + foreach ($result as $row => $entry) { + $date_posted = $entry['date_posted']; + $author = $entry['author']; + $email = $entry['email']; + $text = htmlspecialchars($entry['text']); + echo <<$author + $text +
+
+END_OF_COMMENT; + } + echo "
"; + } + + private function display_comment_form() { + $publickey = $this->recaptcha_publickey; + echo << +function showRecaptcha(element) { +Recaptcha.create("$publickey", + "recaptcha_div", + { + theme : 'custom', + custom_theme_widget: 'recaptcha_widget', + callback: Recaptcha.focus_response_field + }); +} + +END_CAPTCHA_STYLE; + require_once('includes/recaptchalib.php'); + // Trailing slash is necessary for reloads to work + $url = $this->url . "verify"; + echo "
"; + echo << + + +
+
+

comment:

+ +

name:

+ +

email:

+
+ + +
+

what's this say?

+

enter the numbers you hear:

(another/audio/Get an image CAPTCHAhelp)

+ +

+
+



+
+
+ + + +
+END_OF_FORM; + } +} + + +class archive extends cms { + public function __construct() { parent::__construct(); - $this->check_exists(); } private function check_exists() { @@ -295,27 +501,66 @@ class note extends cms { WHERE url = ?"; $results = $this->query($sql, "s", $_GET['note']); if ($results[0]["COUNT(*)"] != 1) { - throw new notFound(); + $this->not_found(); } } public function display() { + // this really needs its own pagination... + // there should be a class for that. $this->display_head(); - $sql = "SELECT title, date_posted, text - FROM notes WHERE url = ?"; - $result = $this->query($sql, "s", - $_GET['note']); - $entry = $result[0]; - $title = $entry["title"]; - $date_posted = explode("-", $entry["date_posted"]); - $year_posted = $date_posted[0]; - $month_posted = $date_posted[1]; - $datetime_posted = explode(' ', $date_posted[2]); - $day_posted = $datetime_posted[0]; - echo "
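Review bot: In `note::verify()` the comment fields are HTML-escaped before they are stored, and `display_comments()` then prints `$author` and `$email` with no escaping of its own while escaping `$text` a second time. The output is therefore safe only while every row in `comments` was written through this one path, and visitors see double-encoded entities in the comment text. Storing the raw values and escaping each field where it is printed is the more robust arrangement, using `ENT_QUOTES` because the surrounding markup is not visible in this hunk and may place values in attributes. It also removes the function-call arguments to `bind_param()`, which takes its parameters by reference and expects variables. The blank-text check that the in-code comment asks for fits in the same place.

```php
// … unchanged: recaptcha_check_answer() call and the failed-captcha branch …
    $author = isset($_POST['author']) ? trim($_POST['author']) : '';
    $email  = isset($_POST['email'])  ? trim($_POST['email'])  : '';
    $text   = isset($_POST['text'])   ? trim($_POST['text'])   : '';
    if ($text === '') {
        return; // nothing to store
    }
    // … unchanged: INSERT statement and prepare() …
    // store the raw values; bind_param() binds variables by reference
    $stmt->bind_param('ssss', $author, $email, $text, $this->id);
    $stmt->execute();

// display_comments(): escape every stored field at the point of output
    $author = htmlspecialchars($entry['author'], ENT_QUOTES, 'UTF-8');
    $email  = htmlspecialchars($entry['email'], ENT_QUOTES, 'UTF-8');
    $text   = htmlspecialchars($entry['text'], ENT_QUOTES, 'UTF-8');
```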
"; - echo "

$year_posted/$month_posted/$day_posted/$title

"; - echo $entry['text']; - $this->write_navigation(); + switch (true) { + case (isset($_GET['year']) && !isset($_GET['month']) + && !isset($_GET['day'])): + $sql = "SELECT title, url, date_posted, text + FROM notes WHERE YEAR(date_posted) = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, "d", + $_GET['year']); + break; + case (isset($_GET['year']) && isset($_GET['month']) + && !isset($_GET['day'])): + $sql = "SELECT title, url, date_posted, text + FROM notes WHERE YEAR(date_posted) = ? + AND MONTH(date_posted) = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, "dd", + $_GET['year'], $_GET['month']); + break; + case (isset($_GET['year']) && isset($_GET['month']) + && isset($_GET['day'])): + $sql = "SELECT title, url, date_posted, text + FROM notes WHERE YEAR(date_posted) = ? + AND MONTH(date_posted) = ? + AND DAY(date_posted) = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, "ddd", + $_GET['year'], $_GET['month'], + $_GET['day']); + break; + } + if (count($result) >= 1) { + echo "
"; + foreach ($result as $row => $entry) { + $title = $entry['title']; + $url = '/note/' . $entry['url']; + $date_posted = explode("-", $entry['date_posted']); + $year_posted = $date_posted[0]; + $month_posted = $date_posted[1]; + $datetime_posted = explode(' ', $date_posted[2]); + $day_posted = $datetime_posted[0]; + echo "
"; + echo "

$year_posted/$month_posted/$day_posted/$title

"; + echo $entry['text']; + echo "
"; + } + echo "
"; + $this->write_navigation(); + } else { + echo "
"; + echo "

sorry, nothing here

"; + echo "
Empty set (0.00 sec)
"; + } $this->display_close(); } @@ -323,12 +568,13 @@ class note extends cms { echo "
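Review bot: `$result` in `archive::display()` is assigned only inside the three `switch (true)` cases, so a request that sets `year` and `day` but not `month` matches none of them and `count($result)` runs on an undefined variable. Initialise it before the switch, `$result = array();`, so that combination falls through to the "sorry, nothing here" branch. The bind types are also `"d"` (double) for year, month and day; `"i"` matches the integer comparison, and an `is_numeric()` check like the one `determine_type()` applies to `page` would reject non-numeric values early. Separately, `check_exists()` in this class still looks up `$_GET['note']` and now calls `$this->not_found()`, which is not defined in any visible hunk; confirm it exists or drop the method.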
"; echo "
"; echo "

"; - echo "notes/"; + // fill me in! echo "

"; echo "
"; } } + class notFound extends Exception { public function __construct() { header("HTTP/1.0 404 Not Found"); @@ -349,13 +595,21 @@ switch (cms::determine_type()) { $project->display(); break; case "note": - $note = new note; + if (isset($_GET['comments'])) { + $note = new note($comments_enabled = true); + } else { + $note = new note; + } $note->display(); break; case "page": $page = new page; $page->display(); break; + case "archive": + $archive = new archive; + $archive->display(); + break; } ?>
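Review bot: `new note($comments_enabled = true)` in the `"note"` case is an assignment expression, not a named argument. It creates a script-level `$comments_enabled` variable and passes `true` positionally. `new note(true)` says the same thing without the stray variable, and the whole branch can collapse to `$note = new note(isset($_GET['comments']));`.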