Newer
Older
return array("administer diary entries", "access diary entries", "post diary entries");
$result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON d.author = u.id WHERE d.text LIKE '%$keys%' ORDER BY d.timestamp DESC LIMIT 20");
$find[$i++] = array("title" => "$diary->userid's diary", "link" => (user_access("administer diary entries") ? "admin.php?mod=diary&op=edit&id=$diary->id" : "module.php?mod=diary&op=view&name=$diary->userid"), "user" => $diary->userid, "date" => $diary->timestamp);
$result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON d.author = u.id ORDER BY d.timestamp DESC LIMIT $num");
while ($diary = db_fetch_object($result)) {
if ($time != date("F jS", $diary->timestamp)) {
$output .= "<B>". $date = t(date("l", $diary->timestamp)) .", ". t(date("F", $diary->timestamp)) ." ". date("j", $diary->timestamp) ."</B>\n";
$time = date("F jS", $diary->timestamp);
}
$output .= "<DL>\n";
$output .= " <DD><P><B>$diary->userid ". t("wrote") .":</B></P></DD>\n";
$output .= " <DL>\n";
$output .= " <DD><P>". check_output($diary->text, 1) ."</P><P>[ <A HREF=\"module.php?mod=diary&op=view&name=$diary->userid\">". t("more") ."</A> ]</P></DD>\n";
$output .= " </DL>\n";
$output .= "</DL>\n";
$theme->header();
$theme->box(t("Online diary"), $output);
$theme->footer();
}
else {
$theme->header();
$theme->box(t("Access denied"), message_access());
$theme->footer();
}
}
function diary_page_entry($timestamp, $text, $id = 0) {
if ($id) {
$output .= "<DL>\n";
$output .= " <DT><B>". format_date($timestamp, "large") .":</B></DT>\n";
$output .= " <DD><P>[ <A HREF=\"module.php?mod=diary&op=edit&id=$id\">". t("edit") ."</A> | <A HREF=\"module.php?mod=diary&op=delete&id=$id\">". t("delete") ."</A> ]</P><P>". check_output($text, 1) ."</P></DD>\n";
$output .= " <DT><B>". format_date($timestamp, "large") .":</B></DT>\n";
$output .= " <DD><P>". check_output($text, 1) ."</P></DD>\n";
$output .= "</DL>\n";
}
return $output;
}
function diary_page_display($username) {
global $theme, $user;
$result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON d.author = u.id WHERE u.userid = '$username' ORDER BY timestamp DESC");
if ($username == $user->userid) {
$output .= diary_page_entry(time(), "<BIG><A HREF=\"module.php?mod=diary&op=add\">". t("Add new diary entry!") ."</A></BIG><P>");
while ($diary = db_fetch_object($result)) $output .= diary_page_entry($diary->timestamp, $diary->text, $diary->id);
}
else {
while ($diary = db_fetch_object($result)) $output .= diary_page_entry($diary->timestamp, $diary->text);
}
$theme->header();
$output .= "<FORM ACTION=\"module.php?mod=diary\" METHOD=\"post\">\n";
$output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\"></TEXTAREA><BR>\n";
$output .= " <SMALL><I>". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")) .".</I></SMALL>\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\">\n";
$output .= "</P>\n";
$output .= "</FORM>\n";
function diary_page_delete($id) {
db_query("DELETE FROM diaries WHERE id = '$id'");
watchdog("message", "diary: diary entry deleted");
}
$result = db_query("SELECT * FROM diaries WHERE id = '$id'");
$diary = db_fetch_object($result);
$output .= diary_page_entry($diary->timestamp, $diary->text);
$output .= "<FORM ACTION=\"module.php?mod=diary\" METHOD=\"post\">\n";
$output .= "<P>\n";
$output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_form($diary->text) ."</TEXTAREA><BR>\n";
$output .= " <SMALL><I>". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")) .".</I></SMALL>\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$diary->id\">\n";
$output .= " <INPUT TYPE=\"hidden\" NAME=\"timestamp\" VALUE=\"$diary->timestamp\">\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\"> <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit diary entry\">\n";
$output .= "</P>\n";
$output .= "</FORM>\n";
$theme->footer();
}
function diary_page_preview($text, $timestamp, $id = 0) {
$output .= diary_page_entry($timestamp, $text);
$output .= "<FORM ACTION=\"module.php?mod=diary\" METHOD=\"post\">\n";
$output .= "<P>\n";
$output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_form($text) ."</TEXTAREA><BR>\n";
$output .= " <SMALL><I>". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")) .".</I></SMALL>\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\">\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit diary entry\">\n";
$output .= "</P>\n";
$output .= "</FORM>\n";
$theme->header();
$theme->footer();
}
function diary_page_submit($text, $id = 0) {
global $user, $theme;
if ($id) {
watchdog("message", "diary: old diary entry updated");
db_query("INSERT INTO diaries (author, text, timestamp) VALUES ('$user->id', '$text', '". time() ."')");
}
header("Location: module.php?mod=diary&op=view&name=$user->userid");
}
function diary_page() {
global $op, $id, $name, $text, $timestamp;
// Security check:
if (strstr($id, " ") || strstr($name, " ")) {
watchdog("error", "diary: attempt to provide malicious input through URI");
exit();
}
switch($op) {
case "add":
diary_page_add();
break;
case "delete":
diary_page_delete(check_input($id));
diary_page_display(check_input($name));
if ($id) diary_page_preview(($text ? check_output($text) : ""), check_input($timestamp), check_input($id));
else diary_page_preview(($text ? check_output($text) : ""), time());
if ($id) diary_page_submit(check_input($text), check_input($id));
else diary_page_submit(check_input($text));
<P>Drupal's diary module allows registered users to maintain an online diary. It provides easy-to-write and easy-to-read online diaries or journals that can be filled with daily thoughts, poetry, boneless blabber, spiritual theories, intimate details, valuable experiences, cynical rants, semi-coherent comments, writing experiments, artistic babblings, critics on current facts, fresh insights, diverse dreams, chronicles and mumbling madness available for public consumption.</P>
Steven Wittens
committed
if ($type == "admin" && user_access("administer diary entries")) {
$links[] = "<a href=\"admin.php?mod=diary\">online diaries</a>";
}
if ($type == "page" && user_access("access diary entries")) {
$links[] = "<a href=\"module.php?mod=diary\">". t("online diaries") ."</a>";
}
if ($type == "menu" && user_access("post diary entries")) {
$links[] = "<a href=\"module.php?mod=diary&op=add\">". t("edit your diary") ."</a>";
$links[] = "<a href=\"module.php?mod=diary&op=view\">". t("view your diary") ."</a>";
}
return $links ? $links : array();
$result = db_query("SELECT u.userid, d.timestamp FROM diaries d LEFT JOIN users u ON d.author = u.id ORDER BY timestamp DESC LIMIT 10");
while ($diary = db_fetch_object($result)) {
if ($time != date("F jS", $diary->timestamp)) {
$content .= "<P><B>". t(date("l", $diary->timestamp)) ."</B> (". date("m/d/Y", $diary->timestamp) .")</P>\n";
$time = date("F jS", $diary->timestamp);
}
$content .= "<LI><A HREF=\"module.php?mod=diary&op=view&name=$diary->userid\">$diary->userid</A></LI>\n";
}
$block[0]["subject"] = "Recent diary entries";
$block[0]["content"] = $content;
$block[0]["link"] = "module.php?mod=diary";
return $block;
}
$result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON d.author = u.id WHERE d.id = '$id'");
$diary = db_fetch_object($result);
$output .= "<FORM ACTION=\"admin.php?mod=diary&op=save&id=$id\" METHOD=\"post\">\n";
$output .= "<P>\n";
$output .= " <B>Author:</B><BR>\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= "<B>Diary entry:</B><BR>\n";
$output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"text\">". check_form($diary->text) ."</TEXTAREA><BR>\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save diary entry\">\n";
$output .= "</P>\n";
$output .= "</FORM>\n";
function diary_admin_delete($id) {
db_query("DELETE FROM diaries WHERE id = '$id'");
watchdog("message", "diary: deleted entry #$id.");
}
// Initialize variables:
$fields = array("author" => "author", "date" => "timestamp DESC");
// Perform SQL query:
$result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON u.id = d.author ORDER BY d.$fields[$order] LIMIT 50");
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TH ALIGN=\"right\" COLSPAN=\"4\">\n";
$output .= " <FORM ACTION=\"admin.php?mod=diary\" METHOD=\"post\">\n";
$output .= " <SELECT NAME=\"order\">\n";
foreach ($fields as $key=>$value) {
$output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n";
}
$output .= " </SELECT>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
$output .= " </FORM>\n";
$output .= " </TH>\n";
$output .= " </TR>\n";
$output .= " <TR>\n";
$output .= " <TH>subject</TH>\n";
$output .= " <TH>author</TH>\n";
$output .= " <TH COLSPAN=\"2\">operations</TH>\n";
$output .= " </TR>\n";
while ($diary = db_fetch_object($result)) {
$output .= " <TR><TD><A HREF=\"module.php?mod=diary&op=view&name=$diary->userid\">$diary->userid on ". format_date($diary->timestamp, "small") ."</A></TD><TD>". format_username($diary->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=diary&op=edit&id=$diary->id\">edit</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=diary&op=delete&id=$diary->id\">delete</A></TD></TR>\n";
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
print "<SMALL><A HREF=\"admin.php?mod=diary\">overview</A> | <A HREF=\"admin.php?mod=diary&op=search\">search diary</A> | <A HREF=\"admin.php?mod=diary&op=help\">help</A></SMALL><HR>\n";
switch ($op) {
case "delete":
diary_admin_delete(check_input($id));
diary_admin_display();
break;
case "edit":
diary_admin_edit(check_input($id));
break;
case "help":
diary_help();
break;
case "search":
print search_form($keys);
print search_data($keys, $mod);
break;
case "Save diary entry":
diary_admin_save(check_input($id), check_input($text));
diary_admin_display();
break;
case "Update":
diary_admin_display(check_input($order));
break;
default:
diary_admin_display();
}