# HG changeset patch # User Dan # Date 1201920840 18000 # Node ID a050ff3d4509654211d6c1887f612e2fcca5dc45 # Parent 4e7762863437ff469b2f413888d7c9cf2d79595a Added the post manager. It uses AJAX. And it's pretty. At least a little. And it rips Wordpress. diff -r 4e7762863437 -r a050ff3d4509 plugins/Nuggie.php --- a/plugins/Nuggie.php Thu Jan 31 21:35:46 2008 -0500 +++ b/plugins/Nuggie.php Fri Feb 01 21:54:00 2008 -0500 @@ -40,6 +40,7 @@ if ( $page_id == "Preferences" && $namespace == "Special" ) { + $template->add_header(""); require( ENANO_ROOT . "/plugins/nuggie/usercp.php" ); } else if ( $page_id == "Search" && $namespace == "Special" ) diff -r 4e7762863437 -r a050ff3d4509 plugins/nuggie/client/usercp.css --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/plugins/nuggie/client/usercp.css Fri Feb 01 21:54:00 2008 -0500 @@ -0,0 +1,22 @@ +.nuggie_edit, .nuggie_delete { + border-width: 0; + color: #202020; + background-color: #F0F0F0; + cursor: pointer; + background-image: none; +} + +.nuggie_edit:hover { + color: #FFF; + background-color: #008800; +} + +.nuggie_delete:hover { + color: #FFF; + background-color: #AA0000; +} + +.nuggie_publishbtn { + cursor: pointer; +} + diff -r 4e7762863437 -r a050ff3d4509 plugins/nuggie/client/usercp.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/plugins/nuggie/client/usercp.js Fri Feb 01 21:54:00 2008 -0500 @@ -0,0 +1,82 @@ +/* + * Nuggie + * Version 0.1 + * Copyright (C) 2007 Dan Fuhry + * + * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied + * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. + */ + +function ajaxNuggieDeletePost(id, row) +{ + if ( !confirm('Are you sure you want to permanently delete this blog post?') ) + return false; + + _global_ng_row = row; + + try + { + ajaxPost(makeUrlNS('Special', 'Preferences/Blog/Posts/AjaxHandler'), 'act=delete&post_id=' + id, function() + { + if ( ajax.readyState == 4 ) + { + if ( ajax.responseText == '1' ) + { + var row = _global_ng_row; + for ( var i = 0; i < row.childNodes.length; i++ ) + { + if ( row.childNodes[i].tagName == 'TD' ) + { + row.childNodes[i].style.backgroundColor = 'transparent'; + } + } + var fader = new Spry.Effect.Highlight(row, {to:'#AA0000', duration: 750}); + fader.start(); + setTimeout('_global_ng_row.parentNode.removeChild(_global_ng_row);', 750); + } + else + { + alert(ajax.responseText); + } + } + }); + return false; + } + catch(e) + { + return true; + } +} + +function ajaxNuggieTogglePublished(id, obj) +{ + var published = obj.getAttribute('nuggie:published') == '1' ? true : false; + var newstate = ( published ) ? '0' : '1'; + obj.innerHTML = ' Loading...

'; + ajaxPost(makeUrlNS('Special', 'Preferences/Blog/Posts/AjaxHandler'), 'act=publish&post_id=' + id + '&state=' + newstate, function() + { + if ( ajax.readyState == 4 ) + { + if ( ajax.responseText == 'good;1' ) + { + obj.className = 'row3_green nuggie_publishbtn'; + obj.innerHTML = 'Yes'; + obj.setAttribute('nuggie:published', '1'); + } + else if ( ajax.responseText == 'good;0' ) + { + obj.className = 'row3_red nuggie_publishbtn'; + obj.innerHTML = 'No'; + obj.setAttribute('nuggie:published', '0'); + } + else + { + alert(ajax.responseText); + } + } + }); +} + diff -r 4e7762863437 -r a050ff3d4509 plugins/nuggie/usercp.php --- a/plugins/nuggie/usercp.php Thu Jan 31 21:35:46 2008 -0500 +++ b/plugins/nuggie/usercp.php Fri Feb 01 21:54:00 2008 -0500 @@ -262,7 +262,210 @@ break; case 'Posts': - echo 'module Posts'; + if ( $paths->getParam(2) == 'AjaxHandler' ) + { + ob_end_clean(); + + if ( !isset($_POST['act']) ) + die(); + + switch($_POST['act']) + { + case 'delete': + header('Content-type: application/json'); + + if ( !isset($_POST['post_id']) ) + die(); + + if ( strval(intval($_POST['post_id'])) !== $_POST['post_id'] ) + die(); + + // make sure it's ok + $post_id =& $_POST['post_id']; + $post_id = intval($post_id); + $q = $db->sql_query('SELECT post_author FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); + if ( !$q ) + $db->die_json(); + if ( $db->numrows() < 1 ) + die('That post doesn\'t exist.'); + + list($author) = $db->fetchrow_num(); + $author = intval($author); + if ( $author !== $session->user_id && !$session->get_permissions('nuggie_edit_other') ) + die('No permissions'); + + // try to delete the post... + $q = $db->sql_query('DELETE FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); + if ( !$q ) + $db->die_json(); + + echo '1'; + + break; + case 'publish': + if ( !isset($_POST['post_id']) ) + die(); + + if ( strval(intval($_POST['post_id'])) !== $_POST['post_id'] ) + die(); + + if ( !in_array(@$_POST['state'], array('0', '1')) ) + die(); + + $state = intval($_POST['state']); + $post_id =& $_POST['post_id']; + $post_id = intval($post_id); + + // validate permissions + $q = $db->sql_query('SELECT post_author FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); + if ( !$q ) + $db->die_json(); + if ( $db->numrows() < 1 ) + die('That post doesn\'t exist.'); + + list($author) = $db->fetchrow_num(); + $author = intval($author); + if ( $author !== $session->user_id && !$session->get_permissions('nuggie_edit_other') ) + die('No permissions'); + + // try to delete the post... + $q = $db->sql_query('UPDATE ' . table_prefix . 'blog_posts SET post_published = ' . $state . ' WHERE post_id = ' . $post_id . ';'); + if ( !$q ) + $db->die_json(); + + echo "good;$state"; + + break; + } + + $db->close(); + exit(); + } + + if ( isset($_POST['action']) ) + { + $action =& $_POST['action']; + // Parse parameters + if ( strpos($action, ';') ) + { + // Parameter section + $parms = substr($action, strpos($action, ';') + 1); + + // Action name section + $action = substr($action, 0, strpos($action, ';')); + + // Match all parameters + preg_match_all('/([a-z0-9_]+)=(.+?)(;|$)/', $parms, $matches); + $parms = array(); + + // For each full parameter, assign $parms an associative value + foreach ( $matches[0] as $i => $_ ) + { + $parm = $matches[2][$i]; + + // Is this parameter in the form of an integer? + // (designed to ease validation later) + if ( preg_match('/^[0-9]+$/', $parm) ) + // Yes, run intval(), this enabling is_int()-ish checks + $parm = intval($parm); + + $parms[$matches[1][$i]] = $parm; + } + } + switch ( $action ) + { + case 'edit': + if ( !is_int(@$parms['id']) ) + break; + // This is hackish. Really, REALLY hackish. + $_SERVER['PATH_INFO'] = '.../' . $paths->nslist['Special'] . 'Preferences/Blog/Write/' . $parms['id']; + nuggie_user_cp('Blog'); + return true; + break; + case 'delete': + + if ( !is_int(@$parms['id']) ) + break; + + // make sure it's ok + $post_id = $parms['id']; + $post_id = intval($post_id); + $q = $db->sql_query('SELECT post_author FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); + if ( !$q ) + $db->_die(); + if ( $db->numrows() < 1 ) + die('That post doesn\'t exist.'); + + list($author) = $db->fetchrow_num(); + $author = intval($author); + if ( $author !== $session->user_id && !$session->get_permissions('nuggie_edit_other') ) + die('No permissions'); + + // try to delete the post... + $q = $db->sql_query('DELETE FROM ' . table_prefix . 'blog_posts WHERE post_id = ' . $post_id . ';'); + if ( !$q ) + $db->_die(); + + echo '

Post deleted.

'; + + break; + } + } + + // include some javascript for management + echo ''; + + // the form + // +------------------+------------+------+-----+---------+----------------+ + // | Field | Type | Null | Key | Default | Extra | + // +------------------+------------+------+-----+---------+----------------+ + // | post_id | int(15) | NO | PRI | NULL | auto_increment | + // | post_title | text | NO | | | | + // | post_title_clean | text | NO | | | | + // | post_author | int(12) | NO | | 1 | | + // | post_text | longtext | NO | | | | + // | post_timestamp | int(32) | NO | | 0 | | + // | post_published | tinyint(1) | NO | | 0 | | + // +------------------+------------+------+-----+---------+----------------+ + + echo '

'; + + $q = $db->sql_query('SELECT post_id, post_title, post_title_clean, post_timestamp, post_published FROM ' . table_prefix . 'blog_posts WHERE post_author = ' . $session->user_id . ' ORDER BY post_timestamp DESC;'); + if ( !$q ) + $db->_die(); + + echo '

+ '; + + echo ' + + + + + + '; + + while ( $row = $db->fetchrow() ) + { + echo ''; + + $uri = makeUrlNS('Blog', $session->username . date('/Y/n/j/', $row['post_timestamp']) . $row['post_title_clean'], false, true); + + echo ''; + echo ''; + $cls = ( $row['post_published'] == 1 ) ? 'row3_green' : 'row3_red'; + echo ''; + echo ''; + echo ''; + + echo ''; + } + + echo '

#	Post title	Published	Time
' . $row['post_id'] . '	' . "" . htmlspecialchars($row['post_title']) . '	' . ( ( $row['post_published'] == 1 ) ? 'Yes' : 'No' ) . '	' . ( function_exists('enano_date') ? enano_date('Y-m-d', $row['post_timestamp']) : date('Y-m-d h:i', $row['post_timestamp']) ) . '

'; + + echo '

'; + break; case 'Write':