MySQL q's are now prepared. Added includes/cms.php

All MySQL queries from $_GET are now prepared. This logic has been placed in `$this->query($sql, $data_types, $dirty_data, $dirty_data...)`.

Projects are now also handled by includes/cms.php.

I still don't feel as though the code is entirely DRY, and the object schema still feels somewhat procedural.

The publish_* scripts need to be updated or gotten rid of for a nice interface.

The date_posted storage needs to be switched to datetime, that was a silly decision to start with.

diff --git a/index.php b/index.php
index dbff9a5..b519847 100644 (file)
--- a/index.php
+++ b/index.php
@@ -25,26 +25,7 @@
 
     <div id="content">
       <div id="exhibit">
-           <?php
-                 $config = parse_ini_file('/etc/dylanstestserver.ini');
-          mysql_connect($config['domain'], $config['user'], $config['password']) or die(mysql_error());
-          mysql_select_db($config['database']) or die(mysql_error());
-                 if (isset($_GET['project'])) {
-                   $page_type = 'project';
-                       $project = mysql_real_escape_string($_GET['project']);
-                   $sql = "SELECT text FROM projects WHERE title='$project'";
-                 } else {
-                   $sql = "SELECT text FROM projects";
-                 }
-          $result = mysql_query($sql) or die (mysql_error());
-          while($project = mysql_fetch_array($result)) {
-                       $text = $project['text'];
-                       if (isset($page_type)) {
-                         $text = str_replace("<div class=\"exhibit\"", "<div class=\"exhibit\" style=\"display:block;\"", $text);
-                       }
-                       echo $text;
-          }
-           ?>
+           <?php require('includes/cms.php'); ?>
          </div>
 
       <ul id="portfolio" style="text-align:right">
@@ -52,20 +33,7 @@
           <h3>my projects:</h3>
         </li>
 
-        <li><a class="tab" href="repthis">repthis.info</a></li>
-
-        <li><a class="tab" href=
-        "youtube_backup">youtube_backup</a></li>
-
-        <li><a class="tab" href=
-        "i_like_pandora">i_like_pandora</a></li>
-
-        <li><a class="tab" href=
-        "peepshow">foxy-addons/peepshow</a></li>
-
-        <li><a class="tab" href="drawcss">drawcss</a></li>
-
-        <li><a class="tab" href="readoo">readoo</a></li>
+               <?php $index->list_projects(); ?>
 
         <li>
           <h3>things i've done for others:</h3>

diff --git a/notes/index.php b/notes/index.php
index 31e3f1b..e0a8211 100644 (file)
--- a/notes/index.php
+++ b/notes/index.php
@@ -23,7 +23,7 @@
 
     <div id="content">
          <div id="notes">
-           <?php require('notes.php') ?>
+           <?php require('../includes/cms.php') ?>
         <h1 id="contact_me" style="margin-top:60px;"><a href=
         "mailto:dylan@psu.edu">dylan</a></h1><a href=
         "mailto:dylan@psu.edu">@psu.edu</a>

diff --git a/publish.py b/publish.py
deleted file mode 100755 (executable)
index 288a395..0000000
--- a/publish.py
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/usr/bin/python
-
-import os
-import time
-import MySQLdb as db
-import ConfigParser
-
-config = ConfigParser.RawConfigParser()
-config.read('/etc/dylanstestserver.ini')
-domain = config.get('database', 'domain')
-user = config.get('database', 'user')
-password = config.get('database', 'password')
-database = config.get('database', 'database')
-cursor = db.connect(domain, user, password, database).cursor()
-
-notes = os.listdir('/home/dylan/docs/notes')
-
-sql = "SELECT title FROM notes"
-cursor.execute(sql)
-results = cursor.fetchall()
-existing_titles = []
-for row in results:
-    existing_titles.append(row[0])
-
-for note in notes:
-    if note == 'index.php' or note == 'notes.php': continue
-    url = note[:note.index('.')]
-    f = open(os.path.join('notes', note))
-    title = str(f.readline()[:-1])
-    text = ''.join(f.readlines()) #converts list to single string
-    if title in existing_titles: continue
-    mtime = time.localtime(os.path.getmtime(os.path.join('notes', note)))
-    date_posted = "%s-%s-%s" % (str(mtime.tm_year)[2:], mtime.tm_mon, mtime.tm_mday)
-    sql = "INSERT INTO notes (date_posted, url, title, text)\
-             VALUES(\"%s\", \"%s\", \"%s\", \"%s\")"\
-             % (date_posted, url, title, db.escape_string(text))
-
-    #print sql
-    cursor.execute(sql)

diff --git a/publish_notes.py b/publish_notes.py
new file mode 100755 (executable)
index 0000000..8663f9c
--- /dev/null
+++ b/publish_notes.py
@@ -0,0 +1,41 @@
+#!/usr/bin/python
+
+NOTES_DIRECTORY = '/home/dylan/docs/notes'
+
+import os
+import time
+import MySQLdb as db
+import ConfigParser
+
+config = ConfigParser.RawConfigParser()
+config.read('/etc/dylanstestserver.ini')
+domain = config.get('database', 'domain')
+user = config.get('database', 'user')
+password = config.get('database', 'password').replace('"', '')
+database = config.get('database', 'database')
+cursor = db.connect(domain, user, password, database).cursor()
+
+notes = os.listdir(NOTES_DIRECTORY)
+
+sql = "SELECT title FROM notes"
+cursor.execute(sql)
+results = cursor.fetchall()
+existing_titles = []
+for row in results:
+    existing_titles.append(row[0])
+
+for note in notes:
+    if note == 'index.php' or note == 'notes.php': continue
+    url = note[:note.index('.')]
+    f = open(os.path.join(NOTES_DIRECTORY, note))
+    title = str(f.readline()[:-1])
+    text = ''.join(f.readlines()) #converts list to single string
+    if title in existing_titles: continue
+    mtime = time.localtime(os.path.getmtime(os.path.join(NOTES_DIRECTORY, note)))
+    date_posted = "%s-%s-%s" % (str(mtime.tm_year)[2:], mtime.tm_mon, mtime.tm_mday)
+    sql = "INSERT INTO notes (date_posted, url, title, text)\
+             VALUES(\"%s\", \"%s\", \"%s\", \"%s\")"\
+             % (date_posted, url, title, db.escape_string(text))
+
+    #print sql
+    cursor.execute(sql)