Note: this list is kept only as a demonstration for CVSNotice. For the latest CVS notices, see the Xaraya and Postnuke sites
View Statistics - Next Notice - Previous NoticeDirectory filter : [ all ] / postnuke_modules / reviews [ view in CVS ]
| Date | Directory [filter] | File(s) [view] | Author [filter] |
| 07 Aug 2002 08:09:38 | postnuke_modules/reviews | index.html,NONE,1.1 pnadmin.php,NONE,1.1 pnadminapi.php,NONE,1.1 pninit.php,NONE,1.1 pntables.php,NONE,1.1 pnuser.php,NONE,1.1 pnuserapi.php,NONE,1.1 pnversion.php,NONE,1.1 | Vlodomyr Metenchuk |
| module converted to new API | |||
Update of /home/cvsroot/postnuke_modules/reviews
In directory ns7.hostnuke.net:/tmp/cvs-serv27813
Added Files:
index.html pnadmin.php pnadminapi.php pninit.php pntables.php
pnuser.php pnuserapi.php pnversion.php
Log Message:
module converted to new API
--- NEW FILE: index.html ---
--- NEW FILE: pnadmin.php ---
<?php
// $Id: pnadmin.php,v 1.1 2002/08/07 08:09:35 voll Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2002 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WIthOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Jim McDonald
// Purpose of file: Reviews administration display functions
// ----------------------------------------------------------------------
/**
* the main administration function
* This function is the default function, and is called whenever the
* module is initiated without defining arguments. As such it can
* be used for a number of things, but most commonly it either just
* shows the module menu and returns or calls whatever the module
* designer feels should be the default function (often this is the
* view() function)
*/
function reviews_admin_main()
{
$output = new pnHTML();
if (!pnSecAuthAction(0, 'reviews::', '::', ACCESS_EDIT)) {
$output->Text(_REVIEWSNOAUTH);
return $output->GetOutput();
}
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text(reviews_adminmenu());
$output->SetInputMode(_PNH_PARSEINPUT);
return $output->GetOutput();
}
/**
* Main administration menu
*/
function reviews_adminmenu()
{
// Create output object - this object will store all of our output so that
// we can return it easily when required
$output = new pnHTML();
// Display status message if any. Note that in future this functionality
// will probably be in the theme rather than in this menu, but this is the
// best place to keep it for now
$output->Text(pnGetStatusMsg());
$output->Linebreak(2);
// Start options menu
$output->TableStart(_REVADMIN);
// $output->SetOutputMode(_PNH_RETURNOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
if (!pnModAPILoad('reviews', 'user')) {
pnSessionSetVar('errormsg', _LOADFAILED);
return $output->GetOutput();
}
$result = pnModAPIFunc('reviews', 'user', 'gettitles');
$title = $result['title'];
$description = $result['description'];
$alanguage = $result['alanguage'];
$letters = $result['letters'];
// Configuration
if (pnSecAuthAction(0, 'reviews::', '::', ACCESS_ADMIN)) {
$output->Text("<center>");
$output->FormStart(pnModURL('reviews', 'admin', 'updatetitles'));
$output->FormHidden('authid', pnSecGenAuthKey());
$output->Text(_REVTITLE."<br>");
$output->FormText('title', $title, 50, 100);
$output->Text("<br><br>"._REVDESC."<br>");
$output->FormTextArea('description', $description, 15, 60, 'virtual');
$output->Text("<br><br>"._LANGUAGE."<br>");
$currentlang = $alanguage;
$output->Text("<select name=\"alanguage\" class=\"pn-text\">");
$lang = languagelist();
// $output->Text("<option value=\"\">"._ALL.'</option>');
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && @$lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
$output->Text('<option value="'.$k.'"');
if ( $currentlang == $k)
{
$output->Text(' selected');
}
$output->Text('>'. pnVarPrepForDisplay($v) . '</option> ');
}
$output->Text("</select>");
$output->Text("<br><br>"._REVLETTERS."<br>");
$output->FormTextArea('letters', $letters, 15, 60, 'virtual');
$output->Linebreak(2);
$output->FormSubmit(_SAVECHANGES);
$output->FormEnd();
$output->Text("</center>");
}
$output->TableEnd();
// Waiting reviews
if (pnSecAuthAction(0, 'reviews::', '::', ACCESS_ADD)) {
$output->TableStart(_REVWAITING);
$items = pnModAPIFunc('reviews', 'user', 'getallwaiting');
if ($items == false) {
$output->Text("<br><br><i>"._NOREVIEW2ADD."</i><br><br>");
} else {
foreach ($items as $item) {
$id = $item['id'];
$date = $item['date'];
$title = $item['title'];
$text = $item['text'];
$reviewer = $item['reviewer'];
$email = $item['email'];
$score = $item['score'];
$url = $item['url'];
$url_title = $item['url_title'];
$rlanguage = $item['rlanguage'];
$output->FormStart(pnModURL('reviews', 'admin', 'create'));
$output->Text("<hr noshade size=\"1\"><br><table border=\"0\" cellpadding=\"1\" cellspacing=\"2\">"
."<tr><td><b>"._REVIEWID.":</td><td><b>".pnVarPrepForDisplay($id)."</b></td></tr>"
."<input type=\"hidden\" name=\"id\" value=\"$id\">"
."<tr><td>"._DATE.":</td><td><input type=\"text\" name=\"date\" value=\"".pnVarPrepForDisplay($date)."\" size=\"11\" maxlength=\"10\"></td></tr>"
."<tr><td>"._PRODUCTTITLE.":</td><td><input type=\"text\" name=\"title\" value=\"".pnVarPrepForDisplay($title)."\" size=\"25\" maxlength=\"40\"></td></tr>"
."<tr><td>"._LANGUAGE.":</td><td>");
$currentlang = pnUserGetLang();
$output->Text("<select name=\"alanguage\" class=\"pn-text\">");
$lang = languagelist();
$output->Text("<option value=\"\">"._ALL.'</option>');
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && @$lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
$output->Text('<option value="'.$k.'"');
if ( $currentlang == $k)
{
$output->Text(' selected');
}
$output->Text('>'. pnVarPrepForDisplay($v) . '</option> ');
}
$output->Text("</select>");
$output->Text("</td></tr><tr><td>"._TEXT.":</td><td><TEXTAREA name=\"text\" rows=\"6\" wrap=\"virtual\" cols=\"40\">".pnVarPrepHTMLDisplay($text)."</textarea></td></tr>"
."<tr><td>"._REVIEWER."</td><td><input type=\"text\" name=\"reviewer\" value=\"".pnVarPrepForDisplay($reviewer)."\" size=\"41\" maxlength=\"40\"></td></tr>"
."<tr><td>"._EMAIL.":</td><td><input type=\"text\" name=\"email\" value=\"".pnVarPrepForDisplay($email)."\" size=\"41\" maxlength=\"80\"></td></tr>"
."<tr><td>"._SCORE."</td><td><input type=\"text\" name=\"score\" value=\"".pnVarPrepForDisplay($score)."\" size=\"3\" maxlength=\"2\"></td></tr><tr><td>");
if ($url != "") {
$output->Text("<tr><td>"._RELATEDLINK.":</td><td><input type=\"text\" name=\"url\" value=\"".pnVarPrepForDisplay($url)."\" size=\"25\" maxlength=\"100\"></td></tr>"
."<tr><td>"._LINKTITLE.":</td><td><input type=\"text\" name=\"url_title\" value=\"".pnVarPrepForDisplay($url_title)."\" size=\"25\" maxlength=\"50\"></td></tr>");
}
$output->Text("<tr><td>"._IMAGE.":</td><td><input type=\"text\" name=\"cover\" size=\"25\" maxlength=\"100\"><br><i>"
._REVIMGINFO."</i></td></tr></table>");
$output->FormHidden('authid', pnSecGenAuthKey());
$output->FormSubmit(_ADDREVIEW);
$output->Text(" - [ ");
$output->URL(pnModURL('reviews', 'admin', 'deletewaiting',
array('id' => $id)),
_DELETE);
$output->Text(" ]");
$output->FormEnd();
}
}
$output->URL(pnModURL('reviews','user','main'),_CLICK2ADDREVIEW);
$output->Text("</center>");
$output->TableEnd();
}
// Modify
if (pnSecAuthAction(0, 'reviews::', '::', ACCESS_EDIT)) {
$output->TableStart(_DELMODREVIEW);
$output->Text("<center><br><br>"._MODREVINFO."</center>");
$output->TableEnd();
}
if (pnSecAuthAction(0, 'reviews::', '::', ACCESS_ADMIN)) {
$output->TableStart(_EDITREVIEWSCONFIG);
$output->URL(pnModURL('reviews','admin','modifyconfig'), _EDITREVIEWSCONFIG);
$output->TableEnd();
}
// $output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_PARSEINPUT);
$output->TableEnd();
// Return the output that has been generated by this function
return $output->GetOutput();
}
/**
* This is a standard function that is called with the results of the
* form supplied by reviews_admin_new() to create a new item
* @param 'name' the name of the item to be created
* @param 'number' the number of the item to be created
*/
function reviews_admin_create($args)
{
// Get parameters from whatever input we need.
list($id, $date, $title, $alanguage, $text, $reviewer, $email, $score,
$url,$url_title, $cover) = pnVarCleanFromInput(
'id','date','title','alanguage','text','reviewer','email','score',
'url','url_title','cover');
extract($args);
// Confirm authorisation code.
if (!pnSecConfirmAuthKey()) {
pnSessionSetVar('errormsg', _BADAUTHKEY);
pnRedirect(pnModURL('reviews', 'admin', 'main'));
return true;
}
// Load API.
if (!pnModAPILoad('reviews', 'admin')) {
pnSessionSetVar('errormsg', _LOADFAILED);
return $output->GetOutput();
}
// The API function is called. Note that the name of the API function and
// the name of this function are identical, this helps a lot when
// programming more complex modules. The arguments to the function are
// passed in as their own arguments array
$rid = pnModAPIFunc('reviews', 'admin', 'create',
array('id' => $id,
'date' => $date,
'title' => $title,
'rlanguage' => $alanguage,
'text' => $text,
'reviewer' => $reviewer,
'email' => $email,
'score' => $score,
'url' => $url,
'url_title' => $url_title,
'cover' => $cover));
if ($rid != false) {
// Success
pnSessionSetVar('statusmsg', _REVIEWCREATED);
}
pnRedirect(pnModURL('reviews', 'admin', 'main'));
// Return
return true;
}
/**
* delete item
* @param 'id' the id of the item to be deleted
* @param 'confirmation' confirmation that this item can be deleted
*/
function reviews_admin_deletewaiting($args)
{
// Get parameters from whatever input we need. All arguments to this
// function should be obtained from pnVarCleanFromInput(), getting them
// from other places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
list($id,
$objectid,
$confirmation) = pnVarCleanFromInput('id',
'objectid',
'confirmation');
extract($args);
if (!empty($objectid)) {
$id = $objectid;
}
/*
// Load API.
if (!pnModAPILoad('reviews', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// The user API function is called.
$item = pnModAPIFunc('reviews', 'user', 'get', array('id' => $id));
if ($item == false) {
$output->Text(_REVIEWSNOSUCHITEM);
return $output->GetOutput();
}
*/
// Security check
if (!pnSecAuthAction(0, 'reviews::Item', "$item[name]::$id", ACCESS_DELETE)) {
$output->Text(_REVIEWSNOAUTH);
return $output->GetOutput();
}
// Check for confirmation.
if (empty($confirmation)) {
// No confirmation yet - display a suitable form to obtain confirmation
// of this action from the user
// Create output object - this object will store all of our output so
// that we can return it easily when required
$output = new pnHTML();
// Add menu to output - it helps if all of the module pages have a
// standard menu at their head to aid in navigation
/*
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text(reviews_adminmenu());
$output->SetInputMode(_PNH_PARSEINPUT);
*/
// Title - putting a title ad the head of each page reminds the user
// what they are doing
$output->Title(_DELETEREVIEW);
// Add confirmation to output. Note that this uses a pnHTML helper
// function to produce the requested confirmation in a standard
// fashion. This not only cuts down on code within the module but
// allows it to be altered in future without the module developer
// having to worry about it
$output->ConfirmAction(_CONFIRMREVIEWDELETE,
pnModURL('reviews', 'admin', 'deletewaiting'),
_CANCELREVIEWSDELETE,
pnModURL('reviews', 'admin', 'main'),
array('id' => $id));
// Return the output that has been generated by this function
return $output->GetOutput();
}
// If we get here it means that the user has confirmed the action
// Confirm authorisation code. This checks that the form had a valid
// authorisation code attached to it. If it did not then the function will
// proceed no further as it is possible that this is an attempt at sending
// in false data to the system
if (!pnSecConfirmAuthKey()) {
pnSessionSetVar('errormsg', _BADAUTHKEY);
pnRedirect(pnModURL('reviews', 'admin', 'main'));
return true;
}
// Load API.
if (!pnModAPILoad('reviews', 'admin')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// The API function is called.
if (pnModAPIFunc('reviews', 'admin', 'deletewaiting', array('id' => $id))) {
// Success
pnSessionSetVar('statusmsg', _REVIEWDELETED);
}
// This function generated no output, and so now it is complete we redirect
// the user to an appropriate page for them to carry on their work
pnRedirect(pnModURL('reviews', 'admin', 'main'));
// Return
return true;
}
/**
* This is a standard function to modify the configuration parameters of the
* module
*/
function reviews_admin_modifyconfig()
{
$output = new pnHTML();
if (!pnSecAuthAction(0, 'reviews::', '::', ACCESS_ADMIN)) {
$output->Text(_REVIEWSNOAUTH);
return $output->GetOutput();
}
// Title - putting a title ad the head of each page
$output->Title(_REVIEWSMODIFYCONFIG);
// Start form
$output->FormStart(pnModURL('reviews', 'admin', 'updateconfig'));
// Add an authorisation ID
$output->FormHidden('authid', pnSecGenAuthKey());
$output->TableStart();
// Number of items to display per page
$row = array();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$row[] = $output->Text(pnVarPrepForDisplay(_REVIEWSITEMSPERPAGE));
$row[] = $output->FormText('itemsperpage', pnModGetVar('reviews', 'itemsperpage'), 3, 3);
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->TableAddrow($row, 'left');
$output->SetInputMode(_PNH_PARSEINPUT);
$output->Linebreak(2);
$output->TableEnd();
// End form
$output->Linebreak(2);
$output->FormSubmit(_REVIEWSUPDATE);
$output->FormEnd();
// Return the output that has been generated by this function
return $output->GetOutput();
}
/**
* This is a standard function that is called with the results of the
* form supplied by reviews_admin_new() to create a new item
* @param 'name' the name of the item to be created
* @param 'number' the number of the item to be created
*/
function reviews_admin_updatetitles($args)
{
// Get parameters from whatever input we need.
list($title, $description, $alanguage, $letters) =
pnVarCleanFromInput( 'title','description','alanguage', 'letters');
extract($args);
// Confirm authorisation code.
if (!pnSecConfirmAuthKey()) {
pnSessionSetVar('errormsg', _BADAUTHKEY);
pnRedirect(pnModURL('reviews', 'admin', 'main'));
return true;
}
// Load API.
if (!pnModAPILoad('reviews', 'admin')) {
pnSessionSetVar('errormsg', _LOADFAILED);
return $output->GetOutput();
}
// The API function is called. Note that the name of the API function and
// the name of this function are identical, this helps a lot when
// programming more complex modules. The arguments to the function are
// passed in as their own arguments array
$rid = pnModAPIFunc('reviews', 'admin', 'updatetitles',
array('title' => $title,
'description' => $description,
'alanguage' => $alanguage,
'letters' => $letters));
if ($rid != false) {
// Success
pnSessionSetVar('statusmsg', _REVIEWCONFUPDATED);
}
pnRedirect(pnModURL('reviews', 'admin', 'main'));
return true;
}
/**
* This is a standard function to update the configuration parameters of the
* module given the information passed back by the modification form
*/
function reviews_admin_updateconfig()
{
$title = pnVarCleanFromInput('title');
// Confirm authorisation code.
if (!pnSecConfirmAuthKey()) {
pnSessionSetVar('errormsg', _BADAUTHKEY);
pnRedirect(pnModURL('reviews', 'admin', 'view'));
return true;
}
// Update module variables.
if (!isset($itemsperpage)) {
$itemsperpage = 10;
}
pnModSetVar('reviews', 'itemsperpage', $itemsperpage);
// This function generated no output, and so now it is complete we redirect
// the user to an appropriate page for them to carry on their work
pnRedirect(pnModURL('reviews', 'admin', 'view'));
// Return
return true;
}
?>
--- NEW FILE: pnadminapi.php ---
<?php
// $Id: pnadminapi.php,v 1.1 2002/08/07 08:09:35 voll Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2002 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WIthOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Volodymyr Metenchuk
// Purpose of file: Reviews administration API
// ----------------------------------------------------------------------
function reviews_adminapi_create($args)
{
extract($args);
if ((!isset($id)) || (!isset($date)) || (!isset($title)) || (!isset($text)) ||
(!isset($reviewer)) || (!isset($email)) || (!isset($score)) ||
(!isset($cover)) || (!isset($url)) || (!isset($url_title)) ||
(!isset($rlanguage))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
if (!pnModAPILoad('reviews', 'user')) {
pnSessionSetVar('errormsg', _LOADFAILED);
return false;
}
if (!pnSecAuthAction(0, 'reviews::', "::", ACCESS_ADD)) {
pnSessionSetVar('errormsg', _REVIEWSADDNOAUTH);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_column'];
$nextid = $dbconn->GenId($pntable['reviews']);
$query = "INSERT INTO $pntable[reviews] ($column[id], $column[date],
$column[title], $column[text], $column[reviewer], $column[email],
$column[score], $column[cover], $column[url], $column[url_title],
$column[hits], $column[language]) VALUES ($nextid, '".
pnVarPrepForStore($date)."', '".pnVarPrepForStore($title).
"', '".pnVarPrepForStore($text)."', '".
pnVarPrepForStore($reviewer)."', '".pnVarPrepForStore($email).
"', '".pnVarPrepForStore($score)."', '".pnVarPrepForStore($cover).
"', '".pnVarPrepForStore($url)."', '".
pnVarPrepForStore($url_title)."', '1', '$rlanguage')";
$result = $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', "ERROR inserting review: " . $dbconn->ErrorMsg() );
return false;
} else {
$result = $dbconn->Execute("DELETE FROM $pntable[reviews_add]
WHERE {$pntable['reviews_add_column']['id']} = ".
pnVarPrepForStore($id)."");
if($dbconn->ErrorNo()<>0) {
pnSessionSetVar('errormsg', "ERROR deleting queued review: " . $dbconn->ErrorMsg() );
return false;
}
}
return true;
}
function reviews_adminapi_updatetitles($args)
{
extract($args);
if ((!isset($title)) ||
(!isset($description)) ||
(!isset($alanguage)) ||
(!isset($letters))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
if (!pnModAPILoad('reviews', 'user')) {
pnSessionSetVar('errormsg', _LOADFAILED);
return false;
}
if (!pnSecAuthAction(0, 'reviews::', "::", ACCESS_EDIT)) {
pnSessionSetVar('errormsg', _REVIEWSEDITNOAUTH);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_main_column'];
$currentlang = pnUserGetLang();
if (pnConfigGetVar('multilingual') == 1) {
$querylang = " WHERE $column[language] ='$alanguage'";
} else {
$querylang = "";
}
$resultrm = $dbconn->Execute("SELECT $column[title], $column[description], $column[language], $column[letters]
FROM $pntable[reviews_main] $querylang");
if ($resultrm->EOF) {
$sql = "INSERT INTO $pntable[reviews_main] VALUES('"
.pnVarPrepForStore($title)."','".pnVarPrepForStore($description)."','"
.pnVarPrepForStore($alanguage)."','".pnVarPrepForStore($letters)."')";
} else {
$sql = "UPDATE $pntable[reviews_main]
SET $column[title]='".pnVarPrepForStore($title)."',
$column[description]='".pnVarPrepForStore($description)."',
$column[language]='".pnVarPrepForStore($alanguage)."',
$column[letters]='".pnVarPrepForStore($letters)."' $querylang";
}
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', "ERROR updating configuration: " . $dbconn->ErrorMsg() );
return false;
}
return true;
}
function reviews_adminapi_deletewaiting($args)
{
extract($args);
if (!isset($id)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
if (!pnSecAuthAction(0, 'reviews::', "::", ACCESS_DELETE)) {
pnSessionSetVar('errormsg', _REVIEWSDELNOAUTH);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$result = $dbconn->Execute("DELETE FROM $pntable[reviews_add] WHERE {$pntable['reviews_add_column']['id']} = ".pnVarPrepForStore($id)."");
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', "ERROR deleting queued review: " . $dbconn->ErrorMsg() );
return false;
}
return true;
}
?>
--- NEW FILE: pninit.php ---
<?php
// $Id: pninit.php,v 1.1 2002/08/07 08:09:35 voll Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2002 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WIthOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Volodymyr Metenchuk
// Purpose of file: Initialisation functions for reviews
// ----------------------------------------------------------------------
/**
* initialise the reviews module
* This function is only ever called once during the lifetime of a particular
* module instance
*/
function reviews_init()
{
// Get database setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex modules
// Create the table - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating out
// the SQL statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$reviewstable = $pntable['reviews'];
$reviewscolumn = &$pntable['reviews_column'];
$sql = "CREATE TABLE $reviewstable (
pn_id int(11) NOT NULL auto_increment,
pn_date datetime NOT NULL default '0000-00-00 00:00:00',
pn_title varchar(150) NOT NULL default '',
pn_text text NOT NULL,
pn_reviewer varchar(20) default NULL,
pn_email varchar(60) default NULL,
pn_score int(11) NOT NULL default '0',
pn_cover varchar(100) NOT NULL default '',
pn_url varchar(100) NOT NULL default '',
pn_url_title varchar(50) NOT NULL default '',
pn_hits int(11) NOT NULL default '0',
pn_language varchar(30) NOT NULL default '',
PRIMARY KEY (pn_id))";
$dbconn->Execute($sql);
$reviewstable_add = $pntable['reviews_add'];
$reviewscolumn_add = &$pntable['reviews_column_add'];
$sql = "CREATE TABLE $reviewstable_add (
pn_id int(11) NOT NULL auto_increment,
pn_date datetime default NULL,
pn_title varchar(150) NOT NULL default '',
pn_text text NOT NULL,
pn_reviewer varchar(20) NOT NULL default '',
pn_email varchar(60) default NULL,
pn_score int(11) NOT NULL default '0',
pn_url varchar(100) NOT NULL default '',
pn_url_title varchar(50) NOT NULL default '',
pn_language varchar(30) NOT NULL default '',
PRIMARY KEY (pn_id))";
$dbconn->Execute($sql);
$reviewstable_comments = $pntable['reviews_comments'];
$reviewscolumn_comments = &$pntable['reviews_column_comments'];
$sql = "CREATE TABLE $reviewstable_comments (
pn_cid int(11) NOT NULL auto_increment,
pn_rid int(11) NOT NULL default '0',
pn_userid varchar(25) NOT NULL default '',
pn_date datetime default NULL,
pn_comments text,
pn_score int(11) NOT NULL default '0',
PRIMARY KEY (pn_cid))";
$dbconn->Execute($sql);
$reviewstable_main = $pntable['reviews_main'];
$reviewscolumn_main = &$pntable['reviews_column_main'];
$sql = "CREATE TABLE $reviewstable_main (
pn_title varchar(100) default NULL,
pn_description text,
pn_language varchar(30) NOT NULL default '',
pn_letters text)";
$dbconn->Execute($sql);
$alphabet = "A|B|C|D|E|F|G|H|I|J|K|L|M|N|O|P|Q|R|S|T|U|V|W|X|Y|Z|1|2|3|4|5|6|7|8|9|0";
$sql = "INSERT INTO $reviewstable_main VALUES('Reviews Section Title',
'Reviews Section Long Description','eng','$alphabet')";
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _CREATETABLEFAILED);
return false;
}
// Set up an initial value for a module variable. Note that all module
// variables should be initialised with some value in this way rather
// than just left blank, this helps the user-side code and means that
// there doesn't need to be a check to see if the variable is set in
// the rest of the code as it always will be
pnModSetVar('reviews', 'itemsperpage', 10);
// Initialisation successful
return true;
}
/**
* upgrade the reviews module from an old version
* This function can be called multiple times
*/
function reviews_upgrade($oldversion)
{
// Upgrade dependent on old version number
switch($oldversion) {
case 1.0:
// Code to upgrade from version 1.0 goes here
pnModSetVar('reviews', 'itemsperpage', 10);
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$reviewstable_main = $pntable['reviews_main'];
$reviewscolumn_main = &$pntable['reviews_column_main'];
$sql = "ALTER TABLE $reviewstable_main ADD pn_language varchar(30) NOT NULL default '' AFTER pn_description";
$dbconn->Execute($sql);
$sql = "ALTER TABLE $reviewstable_main ADD pn_letters text AFTER pn_language";
$dbconn->Execute($sql);
$alphabet = "A|B|C|D|E|F|G|H|I|J|K|L|M|N|O|P|Q|R|S|T|U|V|W|X|Y|Z|1|2|3|4|5|6|7|8|9|0";
$sql = "UPDATE $reviewstable_main SET pn_language='eng', pn_letters='$alphabet'";
$dbconn->Execute($sql);
break;
case 1.1:
// Code to upgrade from version 2.0 goes here
break;
}
// Update successful
return true;
}
/**
* delete the reviews module
* This function is only ever called once during the lifetime of a particular
* module instance
*/
function reviews_delete()
{
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// Drop the table - for such a simple command the advantages of separating
// out the SQL statement from the Execute() command are minimal, but as
// this has been done elsewhere it makes sense to stick to a single method
$sql = "DROP TABLE $pntable[reviews]";
$dbconn->Execute($sql);
$sql = "DROP TABLE $pntable[reviews_add]";
$dbconn->Execute($sql);
$sql = "DROP TABLE $pntable[reviews_comments]";
$dbconn->Execute($sql);
$sql = "DROP TABLE $pntable[reviews_main]";
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
// Report failed deletion attempt
return false;
}
// Delete any module variables
pnModDelVar('reviews', 'itemsperpage');
// Deletion successful
return true;
}
?>
--- NEW FILE: pntables.php ---
<?php
// $Id: pntables.php,v 1.1 2002/08/07 08:09:35 voll Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2002 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WIthOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Volodymyr Metenchuk
// Purpose of file: Table information for reviews module
// ----------------------------------------------------------------------
/**
* This function is called internally by the core whenever the module is
* loaded. It adds in the information
*/
function reviews_pntables()
{
// Initialise table array
$pntable = array();
// Get the name for the template item table. This is not necessary
// but helps in the following statements and keeps them readable
// Set the table name
// Set the column names. Note that the array has been formatted
// on-screen to be very easy to read by a user.
$reviews = pnConfigGetVar('prefix') . '_reviews';
$pntable['reviews'] = $reviews;
$pntable['reviews_column'] = array (
'id' => $reviews . '.pn_id',
'date' => $reviews . '.pn_date',
'title' => $reviews . '.pn_title',
'text' => $reviews . '.pn_text',
'reviewer' => $reviews . '.pn_reviewer',
'email' => $reviews . '.pn_email',
'score' => $reviews . '.pn_score',
'cover' => $reviews . '.pn_cover',
'url' => $reviews . '.pn_url',
'url_title' => $reviews . '.pn_url_title',
'hits' => $reviews . '.pn_hits',
'rlanguage' => $reviews . '.pn_language',
'language' => $reviews . '.pn_language');
$reviews_add = pnConfigGetVar('prefix') . '_reviews_add';
$pntable['reviews_add'] = $reviews_add;
$pntable['reviews_add_column'] = array (
'id' => $reviews_add . '.pn_id',
'date' => $reviews_add . '.pn_date',
'title' => $reviews_add . '.pn_title',
'text' => $reviews_add . '.pn_text',
'reviewer' => $reviews_add . '.pn_reviewer',
'email' => $reviews_add . '.pn_email',
'score' => $reviews_add . '.pn_score',
'url' => $reviews_add . '.pn_url',
'url_title' => $reviews_add . '.pn_url_title',
'rlanguage' => $reviews_add . '.pn_language',
'language' => $reviews_add . '.pn_language');
$reviews_comments = pnConfigGetVar('prefix') . '_reviews_comments';
$pntable['reviews_comments'] = $reviews_comments;
$pntable['reviews_comments_column'] = array (
'cid' => $reviews_comments . '.pn_cid',
'rid' => $reviews_comments . '.pn_rid',
'userid' => $reviews_comments . '.pn_userid',
'date' => $reviews_comments . '.pn_date',
'comments' => $reviews_comments . '.pn_comments',
'score' => $reviews_comments . '.pn_score');
$reviews_main = pnConfigGetVar('prefix') . '_reviews_main';
$pntable['reviews_main'] = $reviews_main;
$pntable['reviews_main_column'] = array (
'title' => $reviews_main . '.pn_title',
'description' => $reviews_main . '.pn_description',
'language' => $reviews_main . '.pn_language',
'letters' => $reviews_main . '.pn_letters');
// Return the table information
return $pntable;
}
?>
--- NEW FILE: pnuser.php ---
<?php
// $Id: pnuser.php,v 1.1 2002/08/07 08:09:35 voll Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2002 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
[...1124 lines suppressed...]
function reviews_user_deletecomment()
{
list($cid,$id) = pnVarCleanFromInput('cid','id');
$output = new pnHTML();
if(!pnModAPILoad('reviews', 'user')) {
$output->Text(_APILOADFAILED);
return $output->GetOutput();
}
$result = pnModAPIFunc('reviews', 'user', 'deletecomment', array('cid' => $cid, 'id' => $id));
if($result == false) {
$output->Text(_REVIEWSCOMMENTDELETEFAILED);
return $output->GetOutput();
}
pnRedirect(pnModURL('reviews', 'user', 'main'));
}
?>
--- NEW FILE: pnuserapi.php ---
<?php
// $Id: pnuserapi.php,v 1.1 2002/08/07 08:09:35 voll Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2002 by the PostNuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WIthOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Jim McDonald
// Purpose of file: Template user API
// ----------------------------------------------------------------------
/**
* get all example items
* @returns array
* @return array of items, or false on failure
*/
function reviews_userapi_getall($args)
{
extract($args);
if (!isset($startnum)) {
$startnum = 1;
}
if (!isset($numitems)) {
$numitems = -1;
}
if ((!isset($startnum)) || (!isset($numitems))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
$items = array();
if (!pnSecAuthAction(0, 'reviews::', '::', ACCESS_READ)) {
return $items;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_column'];
$sql = "SELECT $column[id],$column[date],$column[title],$column[text],$column[reviewer],
$column[email],$column[score],$column[cover],$column[url],$column[url_title],$column[hits],
$column[rlanguage] FROM $pntable[reviews] ORDER BY $column[title]";
$result = $dbconn->SelectLimit($sql, $numitems, $startnum-1);
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _GETFAILED);
return false;
}
for (; !$result->EOF; $result->MoveNext()) {
list($id, $date, $title, $text, $reviewer, $email, $score, $cover,
$url, $url_title, $hits, $rlanguage) = $result->fields;
if (pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_READ)) {
$items[] =
array('id' => $id,
'date' => $date,
'title' => $title,
'text' => $text,
'reviewer' => $reviewer,
'email' => $email,
'score' => $score,
'cover' => $cover,
'url' => $url,
'url_title' => $url_title,
'hits' => $hits,
'rlanguage' => $rlanguage);
}
}
$result->Close();
return $items;
}
/**
* get all example items
* @returns array
* @return array of items, or false on failure
*/
function reviews_userapi_getallwaiting($args)
{
extract($args);
$items = array();
if (!pnSecAuthAction(0, 'reviews::', '::', ACCESS_ADMIN)) {
return $items;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_add_column'];
$sql = "SELECT $column[id], $column[date], $column[title], $column[text],
$column[reviewer], $column[email], $column[score], $column[url],
$column[url_title], $column[language] FROM $pntable[reviews_add]
ORDER BY $column[id]";
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _GETFAILED);
return false;
}
for (; !$result->EOF; $result->MoveNext()) {
list($id, $date, $title, $text, $reviewer, $email, $score,
$url, $url_title, $rlanguage) = $result->fields;
if (pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_ADMIN)) {
$items[] =
array('id' => $id,
'date' => $date,
'title' => $title,
'text' => $text,
'reviewer' => $reviewer,
'email' => $email,
'score' => $score,
'url' => $url,
'url_title' => $url_title,
'rlanguage' => $rlanguage);
}
}
$result->Close();
return $items;
}
/**
* get a specific item
* @param $args['id'] id of example item to get
* @returns array
* @return item array, or false on failure
*/
function reviews_userapi_get($args)
{
extract($args);
if (!isset($id)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_column'];
$sql = "SELECT $column[date],$column[title], $column[text],$column[reviewer],$column[email],
$column[score],$column[cover],$column[url],$column[url_title],$column[hits],$column[rlanguage]
FROM $pntable[reviews] WHERE $column[id] = " . pnVarPrepForStore($id);
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
return false;
}
if ($result->EOF) {
return false;
}
list($date, $title, $text, $reviewer, $email, $score, $cover,
$url, $url_title, $hits, $rlanguage) = $result->fields;
$result->Close();
if (!pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_READ)) {
return false;
}
$item = array('id' => $id,
'date' => $date,
'title' => $title,
'text' => $text,
'reviewer' => $reviewer,
'email' => $email,
'score' => $score,
'cover' => $cover,
'url' => $url,
'url_title' => $url_title,
'hits' => $hits,
'rlanguage' => $rlanguage);
return $item;
}
/**
* utility function to count the number of items held by this module
* @returns integer
* @return number of items held by this module
*/
function reviews_userapi_countitems()
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_column'];
$sql = "SELECT COUNT(1)
FROM $pntable[reviews]";
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
return false;
}
list($numitems) = $result->fields;
$result->Close();
return $numitems;
}
/**
* get all items for selected letter
* @returns array
* @return array of items, or false on failure
*/
function reviews_userapi_view($args)
{
extract($args);
if (!isset($letter)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$reviewstable = $pntable['reviews'];
$column = &$pntable['reviews_column'];
$currentlang = pnUserGetLang();
if (pnConfigGetVar('multilingual') == 1) {
$querylang = "AND ($column[language] ='$currentlang' OR $column[language] = '')";
} else {
$querylang = "";
}
if ($letter == _ALL) {
$query = "SELECT $column[id], $column[title], $column[hits], $column[reviewer], $column[score]
FROM $reviewstable WHERE $column[id] != '' $querylang ";
} else {
$query = "SELECT $column[id], $column[title], $column[hits], $column[reviewer], $column[score]
FROM $reviewstable WHERE UPPER($column[title]) LIKE '$letter%' $querylang ";
}
switch($field) {
case "reviewer":
$query .= " ORDER by pn_reviewer $order";
break;
case "score":
$query .= " ORDER by pn_score $order";
break;
case "hits":
$query .= " ORDER by pn_hits $order";
break;
default:
$query .= " ORDER by pn_title $order";
break;
}
$result = $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
error_log("Error: " . $dbconn->ErrorNo() . ": " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error accesing to the database");
return false;
}
if ($result->EOF) {
return false;
}
for (; !$result->EOF; $result->MoveNext()) {
list($id, $title, $hits, $reviewer, $score) = $result->fields;
if (pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_READ)) {
$items[] =
array('id' => $id,
'title' => $title,
'hits' => $hits,
'reviewer' => $reviewer,
'score' => $score);
}
}
$result->Close();
return $items;
}
/**
* get all items for selected letter
* @returns array
* @return array of items, or false on failure
*/
function reviews_userapi_viewmenu($args)
{
extract($args);
if (!isset($order)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$reviewstable = $pntable['reviews'];
$column = &$pntable['reviews_column'];
$currentlang = pnUserGetLang();
if (pnConfigGetVar('multilingual') == 1) {
$querylang = "($column[language]='$currentlang' OR $column[language]='')";
} else {
$querylang = "";
}
$query = "SELECT $column[id], $column[title], $column[hits], $column[date]
FROM $reviewstable WHERE $querylang ";
switch($order) {
case "hits":
$query .= "ORDER BY $column[hits] DESC LIMIT 10";
break;
case "date":
$query .= "ORDER BY $column[date] DESC LIMIT 10";
break;
}
$result = $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
error_log("Error: " . $dbconn->ErrorNo() . ": " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error accesing to the database");
return false;
}
if ($result->EOF) {
return false;
}
for (; !$result->EOF; $result->MoveNext()) {
list($id, $title, $hits, $date) = $result->fields;
if (pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_READ)) {
$items[] =
array('id' => $id,
'title' => $title,
'hits' => $hits,
'date' => $date);
}
}
$result->Close();
return $items;
}
function reviews_userapi_add($args)
{
extract($args);
if ((!isset($date)) || (!isset($title)) || (!isset($text)) || (!isset($reviewer)) ||
(!isset($email)) || (!isset($score)) || (!isset($cover)) || (!isset($url)) ||
(!isset($url_title)) || (!isset($hits)) || (!isset($id)) || (!isset($rlanguage))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if ($id == 0) {
// New review
if (!(pnSecAuthAction(0, 'reviews::', "$title::", ACCESS_COMMENT))) {
pnSessionSetVar('errormsg', _REVIEWSSUBMITNOAUTH);
return false;
}
if (pnSecAuthAction(0, 'reviews::', "$title::", ACCESS_ADD)) {
// Add immediately
$column = &$pntable['reviews_column'];
$newid = $dbconn->GenId($pntable['reviews']);
$query = "INSERT INTO $pntable[reviews] ($column[id], $column[date], $column[title], $column[text], $column[reviewer], $column[email], $column[score], $column[cover], $column[url], $column[url_title], $column[hits], $column[language]) VALUES ($newid,
'".pnVarPrepForStore($date)."',
'".pnVarPrepForStore($title)."',
'".pnVarPrepForStore($text)."',
'".pnVarPrepForStore($reviewer)."',
'".pnVarPrepForStore($email)."',
'".pnVarPrepForStore($score)."',
'".pnVarPrepForStore($cover)."',
'".pnVarPrepForStore($url)."',
'".pnVarPrepForStore($url_title)."',
'1',
'".pnVarPrepForStore($rlanguage)."'
)";
$result = $dbconn->Execute($query);
if($dbconn->ErrorNo()<>0) {
error_log("ERROR 1 : " . $dbconn->ErrorMsg());
}
} else {
// Add to waiting list
$column = &$pntable['reviews_add_column'];
$nextid = $dbconn->GenId($pntable['reviews_add']);
$result = $dbconn->Execute("INSERT INTO $pntable[reviews_add] ($column[id], $column[date], $column[title], $column[text], $column[reviewer], $column[email], $column[score], $column[url], $column[url_title], $column[language]) VALUES ($nextid,
'".pnVarPrepForStore($date)."',
'".pnVarPrepForStore($title)."',
'".pnVarPrepForStore($text)."',
'".pnVarPrepForStore($reviewer)."',
'".pnVarPrepForStore($email)."',
'".pnVarPrepForStore($score)."',
'".pnVarPrepForStore($url)."',
'".pnVarPrepForStore($url_title)."',
'".pnVarPrepForStore($rlanguage)."'
)");
if($dbconn->ErrorNo()<>0) {
error_log("ERROR 1 : " . $dbconn->ErrorMsg());
}
}
} else {
// Updated review
if (!(pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_EDIT))) {
pnSessionSetVar('errormsg', _REVIEWSEDITNOAUTH);
return false;
}
$column = &$pntable['reviews_column'];
$result = $dbconn->Execute("UPDATE $pntable[reviews] SET $column[date]='".pnVarPrepForStore($date)
."', $column[title]='".pnVarPrepForStore($title)."', $column[text]='".pnVarPrepForStore($text)
."', $column[reviewer]='".pnVarPrepForStore($reviewer)."', $column[email]='".pnVarPrepForStore($email)
."', $column[score]='".pnVarPrepForStore($score)."', $column[cover]='".pnVarPrepForStore($cover)
."', $column[url]='".pnVarPrepForStore($url)."', $column[url_title]='".pnVarPrepForStore($url_title)
."', $column[hits]='".pnVarPrepForStore($hits)."', $column[language]='".pnVarPrepForStore($rlanguage)
."' WHERE $column[id] = ".pnVarPrepForStore($id)."");
if($dbconn->ErrorNo()<>0) {
error_log("ERROR 2 : " . $dbconn->ErrorMsg());
}
}
return true;
}
function reviews_userapi_delete($args)
{
extract($args);
if (!isset($id_del)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[reviews]
WHERE $column[id]=".pnVarPrepForStore($id_del)."");
list($title) = $result->fields;
$result->Close();
if (!(pnSecAuthAction(0, 'reviews::', "::$id_del", ACCESS_DELETE))) {
pnSessionSetVar('errormsg', _REVIEWSDELNOAUTH);
return false;
}
$dbconn->Execute("DELETE FROM $pntable[reviews] WHERE {$pntable['reviews_column']['id']}=".pnVarPrepForStore($id_del)."");
$dbconn->Execute("DELETE FROM $pntable[reviews_comments] WHERE {$pntable['reviews_comments_column']['rid']}='".pnVarPrepForStore($id_del)."'");
return true;
}
function reviews_userapi_updatehits($args)
{
extract($args);
if (!isset($id)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_column'];
$result = $dbconn->Execute("SELECT $column[title] FROM $pntable[reviews] WHERE $column[id]=".pnVarPrepForStore($id)."");
list($title) = $result->fields;
$result->Close();
if (!(pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_READ))) {
pnSessionSetVar('errormsg', _REVIEWSNOAUTH);
return false;
}
$dbconn->Execute("UPDATE $pntable[reviews] SET $column[hits]=$column[hits]+1 WHERE $column[id]=".pnVarPrepForStore($id)."");
if($dbconn->ErrorNo()<>0) {
error_log("ERROR 5 : " . $dbconn->ErrorMsg());
return false;
}
return true;
}
function reviews_userapi_viewcomments($args)
{
extract($args);
if (!isset($id)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$commcolumn = &$pntable['reviews_comments_column'];
$result = $dbconn->Execute("SELECT $commcolumn[cid], $commcolumn[userid], $commcolumn[date],
$commcolumn[comments], $commcolumn[score] FROM $pntable[reviews_comments]
WHERE $commcolumn[rid]='".pnVarPrepForStore($id)."' ORDER BY $commcolumn[date] DESC");
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _GETFAILED);
return false;
}
for (; !$result->EOF; $result->MoveNext()) {
list($cid, $uname, $date, $comments, $score) = $result->fields;
if (pnSecAuthAction(0, 'reviews::', "", ACCESS_READ)) {
$items[] =
array('cid' => $cid,
'uname' => $uname,
'date' => $date,
'comments' => $comments,
'score' => $score);
}
}
$result->Close();
return $items;
}
function reviews_userapi_savecomment($args)
{
extract($args);
if ((!isset($uname)) || (!isset($id)) || (!isset($score)) || (!isset($comments))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!(pnSecAuthAction(0, 'reviews::', "::$id", ACCESS_COMMENT))) {
pnSessionSetVar('errormsg', _REVIEWSCOMMENTNOAUTH);
return false;
}
$column = &$pntable['reviews_comments_column'];
$newid = $dbconn->GenId($pntable['reviews_comments_column']);
$query = "INSERT INTO $pntable[reviews_comments] "
. "($column[cid], $column[rid], $column[userid], $column[date], $column[comments], $column[score]) "
. "VALUES ($newid, '".pnVarPrepForStore($id)."', '".pnVarPrepForStore($uname)."', now(), '"
. pnVarPrepForStore($comments)."', '".pnVarPrepForStore($score)."' )";
$result = $dbconn->Execute($query);
if($dbconn->ErrorNo()<>0)
{
error_log("ERROR 4 : " . $dbconn->ErrorMsg());
}
return true;
}
function reviews_userapi_deletecomment($args)
{
extract($args);
if ((!isset($cid)) || (!isset($id))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[reviews]
WHERE $column[id]=".pnVarPrepForStore($id)."");
list($title) = $result->fields;
if (!(pnSecAuthAction(0, 'reviews::', "$title::$id", ACCESS_DELETE))) {
pnSessionSetVar('errormsg', _REVIEWSDELNOAUTH);
return false;
}
$dbconn->Execute("DELETE FROM $pntable[reviews_comments] WHERE {$pntable['reviews_comments_column']['cid']}='".pnVarPrepForStore($cid)."'");
return true;
}
function reviews_userapi_gettitles()
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column = &$pntable['reviews_main_column'];
$currentlang = pnUserGetLang();
if (pnConfigGetVar('multilingual') == 1) {
$querylang = " WHERE ($column[language] ='$currentlang' OR $column[language] = '')";
} else {
$querylang = "";
}
$resultrm = $dbconn->Execute("SELECT $column[title], $column[description], $column[language], $column[letters]
FROM $pntable[reviews_main] $querylang");
list($title, $description, $alanguage, $letters) = $resultrm->fields;
$item['title'] = $title;
$item['description'] = $description;
$item['alanguage'] = $alanguage;
$item['letters'] = $letters;
return $item;
}
?>
--- NEW FILE: pnversion.php ---
<?php // $Id: pnversion.php,v 1.1 2002/08/07 08:09:35 voll Exp $ $Name: $
$modversion['name'] = 'Reviews';
$modversion['id'] = '31';
$modversion['version'] = '1.1';
$modversion['description'] = 'Reviews Module';
$modversion['credits'] = 'docs/credits.txt';
$modversion['help'] = 'docs/install.txt';
$modversion['changelog'] = 'docs/changelog.txt';
$modversion['license'] = 'docs/license.txt';
$modversion['official'] = 1;
$modversion['author'] = 'Volodymyr Metenchuk';
$modversion['contact'] = 'http://postnuke.solidno.ru';
$modversion['admin'] = 0;
$modversion['securityschema'] = array('reviews::' => 'review name::review ID');;
?>
View Statistics - Next Notice - Previous Notice
| Visit Developer Site - Browse CVS Repository |
Syndicate via backend.rss (max. once per hour please) | Powered by CVSNotice 0.1.3 |