# HG changeset patch
# User Dan
# Date 1213635264 14400
# Node ID cd46e29ae6996f77c4ce16549ea6db78715a4d6d
# Parent c51809bdf6af684c92ff48e33f86c15dc013041c
Started work on planet system. From this point onward, enano-1.1 rev 571 or later required.
diff -r c51809bdf6af -r cd46e29ae699 plugins/Nuggie.php
--- a/plugins/Nuggie.php Sat Jun 14 22:01:05 2008 -0400
+++ b/plugins/Nuggie.php Mon Jun 16 12:54:24 2008 -0400
@@ -59,6 +59,11 @@
$paths->create_namespace('Blog', 'Blog:');
$paths->create_namespace('Planet', 'Planet:');
+ $paths->create_namespace('BlogPost', 'Blog_post:');
+
+ // Register namespace processors
+ $paths->register_namespace_processor('BlogPost', 'nuggie_blogpost_uri_handler');
+ $paths->register_namespace_processor('Planet', 'nuggie_planet_uri_handler');
// Create custom permissions for Nuggie
@@ -75,14 +80,17 @@
// Extend the core permission set
- $session->acl_extend_scope('read', 'Blog|Planet', $paths);
- $session->acl_extend_scope('edit_comments', 'Blog', $paths);
- $session->acl_extend_scope('post_comments', 'Blog', $paths);
- $session->acl_extend_scope('mod_comments', 'Blog', $paths);
+ $session->acl_extend_scope('read', 'Blog|Planet|BlogPost', $paths);
+ $session->acl_extend_scope('edit_comments', 'BlogPost', $paths);
+ $session->acl_extend_scope('post_comments', 'BlogPost', $paths);
+ $session->acl_extend_scope('mod_comments', 'BlogPost', $paths);
}
$plugins->attachHook('page_type_string_set', 'nuggie_set_page_string();');
+require( ENANO_ROOT . '/plugins/nuggie/planet.php' );
+require( ENANO_ROOT . '/plugins/nuggie/postbit.php' );
+
function nuggie_set_page_string()
{
global $db, $session, $paths, $template, $plugins; // Common objects
@@ -112,8 +120,7 @@
if ( $processor->namespace == 'Blog' )
{
- require( ENANO_ROOT . '/plugins/nuggie/postbit.php' );
- $result = nuggie_blog_uri_handler($processor->page_id);
+ $result = nuggie_blog_uri_handler($processor);
if ( $result === '_err_access_denied' )
{
$processor->err_access_denied();
@@ -122,12 +129,7 @@
}
else if ( $processor->namespace == 'Planet' )
{
- $result = nuggie_planet_uri_handler($processor->page_id);
- if ( $result === '_err_access_denied' )
- {
- $processor->err_access_denied();
- return true;
- }
+ // revision 7: never called anymore
}
}
diff -r c51809bdf6af -r cd46e29ae699 plugins/nuggie/planet.php
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/plugins/nuggie/planet.php Mon Jun 16 12:54:24 2008 -0400
@@ -0,0 +1,68 @@
+page_id;
+
+ //
+ // VALIDATION
+ //
+
+ // Fetch ACLs
+ $perms = $session->fetch_page_acl($planet_id, 'Planet');
+
+ // Obtain planet info
+ $q = $db->sql_query('SELECT p.planet_id, p.planet_name, p.planet_subtitle, p.planet_creator, p.planet_public, p.planet_visible, m.mapping_type, m.mapping_value ' . "\n"
+ . ' FROM ' . table_prefix . "planets AS p\n"
+ . " LEFT JOIN " . table_prefix . "planets_mapping AS m\n"
+ . " ON ( p.planet_id = m.planet_id )\n"
+ . " WHERE p.planet_name = '" . $db->escape(sanitize_page_id($planet_id)) . "';");
+ if ( !$q )
+ $db->_die();
+
+ if ( $db->numrows() < 1 )
+ {
+ // planet not found, fall out
+ return false;
+ }
+
+ // fetch first row, then seek back to the first result to allow mapping fetching later
+ $planet_data = $db->fetchrow();
+ $db->sql_data_seek(0);
+
+ // check author and publicity
+ if ( $planet_data['planet_creator'] != $session->user_id && !$planet_data['planet_public'] )
+ {
+ return $page->err_access_denied();
+ }
+
+ // ACL check
+ if ( !$perms->get_permissions('read') )
+ {
+ return $page->err_access_denied();
+ }
+
+ // fetch mappings to prepare to select the actual blog data
+ echo 'WiP';
+}
+
+?>
diff -r c51809bdf6af -r cd46e29ae699 plugins/nuggie/postbit.php
--- a/plugins/nuggie/postbit.php Sat Jun 14 22:01:05 2008 -0400
+++ b/plugins/nuggie/postbit.php Mon Jun 16 12:54:24 2008 -0400
@@ -216,9 +216,12 @@
}
}
-function nuggie_blog_uri_handler($uri)
+function nuggie_blog_uri_handler($page)
{
global $db, $session, $paths, $template, $plugins; // Common objects
+
+ $uri = $page->page_id;
+
$template->add_header('');
if ( strstr($uri, '/') )
{
@@ -256,20 +259,15 @@
$ptc = $db->escape($post_title_clean);
$uname = $db->escape(dirtify_page_id($poster));
- $q = $db->sql_query("SELECT p.post_id, p.post_title, p.post_title_clean, p.post_author, p.post_timestamp, p.post_text, b.blog_name,\n"
- . " b.blog_subtitle, b.blog_type, b.allowed_users, u.username, u.user_level, COUNT(c.comment_id) AS num_comments\n"
+ $q = $db->sql_query("SELECT p.post_id\n"
. " FROM " . table_prefix . "blog_posts AS p\n"
- . " LEFT JOIN " . table_prefix . "blogs AS b\n"
- . " ON ( b.user_id = p.post_author )\n"
. " LEFT JOIN " . table_prefix . "users AS u\n"
. " ON ( u.user_id = p.post_author )\n"
- . " LEFT JOIN " . table_prefix . "comments AS c\n"
- . " ON ( ( c.page_id = '{$particlecomp}' AND c.namespace = 'Blog' ) OR ( c.page_id IS NULL AND c.namespace IS NULL ) )\n"
. " WHERE p.post_timestamp >= $time_min AND p.post_timestamp <= $time_max\n"
. " AND p.post_title_clean = '$ptc' AND u.username = '$uname'\n"
. " GROUP BY p.post_id;");
if ( !$q )
- $db->_die('Nuggie post handler selecting main post data');
+ $db->_die('Nuggie post handler doing name- and date-based lookup');
if ( $db->numrows() < 1 )
return false;
@@ -282,59 +280,29 @@
$row = $db->fetchrow();
- //
- // Determine permissions
- //
-
- // The way we're doing this is first fetching permissions for the blog, and then merging them
- // with permissions specific to the post. This way the admin can set custom permissions for the
- // entire blog, and they'll be inherited unless individual posts have overriding permissions.
- $perms_blog = $session->fetch_page_acl($row['username'], 'Blog');
- $perms = $session->fetch_page_acl("{$row['post_timestamp']}_{$row['post_id']}", 'Blog');
- $perms->perms = $session->acl_merge($perms->perms, $perms_blog->perms);
- unset($perms_blog);
-
- if ( $row['blog_type'] == 'private' )
- {
- $allowed_users = unserialize($row['allowed_users']);
- if ( !in_array($session->username, $allowed_users) && !$perms->get_permissions('nuggie_see_non_public') && $row['username'] != $session->username )
- {
- return '_err_access_denied';
- }
- }
-
- $acl_type = ( $row['post_author'] == $session->user_id ) ? 'nuggie_edit_own' : 'nuggie_edit_other';
-
- if ( !$perms->get_permissions('read') )
- return '_err_access_denied';
+ $realpost = new PageProcessor($row['post_id'], 'BlogPost');
- // We're validated - display post
- $postbit = new NuggiePostbit();
- $postbit->post_id = intval($row['post_id']);
- $postbit->post_title = $row['post_title'];
- $postbit->post_text = $row['post_text'];
- $postbit->post_author = $row['username'];
- $postbit->post_timestamp = intval($row['post_timestamp']);
- $postbit->auth_edit = $perms->get_permissions($acl_type);
- $postbit->num_comments = intval($row['num_comments']);
-
- $page_name = htmlspecialchars($row['post_title']) . ' « ' . htmlspecialchars($row['blog_name']);
- if ( method_exists($template, 'assign_vars') )
+ // huge hack
+ // the goal here is to fool the page metadata system into thinking that comments are enabled.
+ $paths->cpage['comments_on'] = 1;
+ if ( !isset($paths->pages[$paths->nslist['BlogPost'] . $row['post_id']]) )
{
- $template->assign_vars(array(
- 'PAGE_NAME' => $page_name
- ));
+ $paths->pages[$paths->nslist['BlogPost'] . $row['post_id']] = array(
+ 'urlname' => $paths->nslist['BlogPost'] . $row['post_id'],
+ 'urlname_nons' => $row['post_id'],
+ 'name' => 'determined at runtime',
+ 'comments_on' => 1,
+ 'special' => 0,
+ 'wiki_mode' => 0,
+ 'protected' => 1,
+ 'delvotes' => 0
+ );
}
- else
- {
- $template->tpl_strings['PAGE_NAME'] = $page_name;
- }
-
- $template->header();
- echo '< ' . htmlspecialchars($row['blog_name']) . '';
- echo $postbit->render_post();
- display_page_footers();
- $template->footer();
+ $realpost->page_exists = true;
+ // end huge hack
+
+ $template->init_vars($realpost);
+ $realpost->send();
return true;
}
@@ -344,6 +312,97 @@
}
}
+function nuggie_blogpost_uri_handler($page)
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+
+ if ( !preg_match('/^[0-9]+$/', $page->page_id) )
+ {
+ return $page->err_page_not_existent();
+ }
+
+ // using page_id is SAFE. It's checked with a regex above.
+ $q = $db->sql_query("SELECT p.post_id, p.post_title, p.post_title_clean, p.post_author, p.post_timestamp, p.post_text, b.blog_name,\n"
+ . " b.blog_subtitle, b.blog_type, b.allowed_users, u.username, u.user_level, COUNT(c.comment_id) AS num_comments\n"
+ . " FROM " . table_prefix . "blog_posts AS p\n"
+ . " LEFT JOIN " . table_prefix . "blogs AS b\n"
+ . " ON ( b.user_id = p.post_author )\n"
+ . " LEFT JOIN " . table_prefix . "users AS u\n"
+ . " ON ( u.user_id = p.post_author )\n"
+ . " LEFT JOIN " . table_prefix . "comments AS c\n"
+ . " ON ( ( c.page_id = '{$page->page_id}' AND c.namespace = 'BlogPost' ) OR ( c.page_id IS NULL AND c.namespace IS NULL ) )\n"
+ . " WHERE p.post_id = {$page->page_id}\n"
+ . " GROUP BY p.post_id;");
+ if ( !$q )
+ $db->_die('Nuggie post handler selecting main post data');
+
+ if ( $db->numrows() < 1 )
+ return false;
+
+ $row = $db->fetchrow();
+
+ //
+ // Determine permissions
+ //
+
+ // The way we're doing this is first fetching permissions for the blog, and then merging them
+ // with permissions specific to the post. This way the admin can set custom permissions for the
+ // entire blog, and they'll be inherited unless individual posts have overriding permissions.
+ $perms_blog = $session->fetch_page_acl($row['username'], 'Blog');
+ $perms = $session->fetch_page_acl("{$row['post_timestamp']}_{$row['post_id']}", 'Blog');
+ $perms->perms = $session->acl_merge($perms->perms, $perms_blog->perms);
+ unset($perms_blog);
+
+ if ( $row['blog_type'] == 'private' )
+ {
+ $allowed_users = unserialize($row['allowed_users']);
+ if ( !in_array($session->username, $allowed_users) && !$perms->get_permissions('nuggie_see_non_public') && $row['username'] != $session->username )
+ {
+ return $page->err_access_denied();
+ }
+ }
+
+ $acl_type = ( $row['post_author'] == $session->user_id ) ? 'nuggie_edit_own' : 'nuggie_edit_other';
+
+ if ( !$perms->get_permissions('read') )
+ return $page->err_access_denied();
+
+ // enable comments
+ $paths->cpage['comments_on'] = 1;
+ // disable editing
+ $session->acl_merge_with_current(array(
+ 'edit_page' => AUTH_DENY
+ ));
+
+ // We're validated - display post
+ $postbit = new NuggiePostbit();
+ $postbit->post_id = intval($row['post_id']);
+ $postbit->post_title = $row['post_title'];
+ $postbit->post_text = $row['post_text'];
+ $postbit->post_author = $row['username'];
+ $postbit->post_timestamp = intval($row['post_timestamp']);
+ $postbit->auth_edit = $perms->get_permissions($acl_type);
+ $postbit->num_comments = intval($row['num_comments']);
+
+ $page_name = htmlspecialchars($row['post_title']) . ' « ' . htmlspecialchars($row['blog_name']);
+ if ( method_exists($template, 'assign_vars') )
+ {
+ $template->assign_vars(array(
+ 'PAGE_NAME' => $page_name
+ ));
+ }
+ else
+ {
+ $template->tpl_strings['PAGE_NAME'] = $page_name;
+ }
+
+ $template->header();
+ echo '< ' . htmlspecialchars($row['blog_name']) . '';
+ echo $postbit->render_post();
+ display_page_footers();
+ $template->footer();
+}
+
function nuggie_blog_index($username)
{
global $db, $session, $paths, $template, $plugins; // Common objects
@@ -394,7 +453,7 @@
. " LEFT JOIN " . table_prefix . "users AS u\n"
. " ON ( u.user_id = p.post_author )\n"
. " LEFT JOIN " . table_prefix . "comments AS c\n"
- . " ON ( ( c.page_id REGEXP CONCAT('([0-9]+)/([0-9]+)/([0-9]+)/', p.post_title_clean) AND c.namespace = 'Blog' ) OR ( c.page_id IS NULL AND c.namespace IS NULL ) )\n"
+ . " ON ( ( c.page_id = CAST(p.post_id AS char) AND c.namespace = 'BlogPost' ) OR ( c.page_id IS NULL AND c.namespace IS NULL ) )\n"
. " WHERE p.post_author = $user_id AND p.post_published = 1\n"
. " GROUP BY p.post_id\n"
. " ORDER BY p.post_timestamp DESC;");
diff -r c51809bdf6af -r cd46e29ae699 plugins/nuggie/schema.sql
--- a/plugins/nuggie/schema.sql Sat Jun 14 22:01:05 2008 -0400
+++ b/plugins/nuggie/schema.sql Mon Jun 16 12:54:24 2008 -0400
@@ -39,3 +39,11 @@
PRIMARY KEY ( post_id )
) ENGINE = MyISAM CHARACTER SET utf8 COLLATE utf8_bin;
+CREATE TABLE {{TABLE_PREFIX}}planets_mapping(
+ mapping_id int(15) NOT NULL auto_increment,
+ planet_id smallint(6) NOT NULL,
+ mapping_type smallint(3) NOT NULL DEFAULT 1,
+ mapping_value text NOT NULL,
+ PRIMARY KEY ( mapping_id )
+) ENGINE = MyISAM CHARACTER SET utf8 COLLATE utf8_bin;
+