setTitle("Administrative Options"); $page->addSideBar( '
All Comments' ); $page->addSideBar( '
Post new' ); $page->addSideBar( '
Log out' ); $page->addSideBar( '
EOF;
$page->add( $form );
}
}
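class PostCommentRequest extends Request
{
    /**
     * Handle a submission from the public comment form.
     *
     * Every rejection is a silent return, so an automated submitter gets no
     * feedback about which check it failed. An accepted comment is stored
     * through blogDb()->postComment() and the commented post is re-rendered
     * into $page via ViewRequest.
     *
     * @param mixed $page Page object handed on to ViewRequest::serve().
     * @return void
     */
    function serve( $page )
    {
        // $_POST and $_SERVER are superglobals, so no "global" statement is needed.

        // Debug trail of submissions. Only the POST body and a few request
        // attributes are recorded: dumping all of $_SERVER would also copy
        // request headers (cookies, authorization data) and the server
        // environment into this file.
        // NOTE(review): the log path is under public_html, so the file may be
        // retrievable by any visitor unless the web server denies access to
        // it. Confirm, or move the log outside the document root.
        $logged = array();
        foreach ( array( 'REMOTE_ADDR', 'HTTP_USER_AGENT', 'HTTP_REFERER' ) as $key ) {
            if ( isset( $_SERVER[$key] ) ) {
                $logged[$key] = $_SERVER[$key];
            }
        }
        $mess1 = var_export( $_POST, true );
        $mess2 = var_export( $logged, true );
        #mail('smhanov', "Comment", "$mess1\n$mess2");
        $file = fopen("/home/smhanov/public_html/blog/comments.txt", 'a');
        if ( $file ) {
            fwrite( $file, "---------------------------------------------------------\n");
            fwrite( $file, $mess1 . "\n" . $mess2 . "\n" );
            fclose( $file );
        }

        // Required fields. A form field can arrive as an array ("comment[]=x"),
        // which the string functions below cannot handle, so anything that is
        // not a plain string is rejected here.
        foreach ( array( 'id', 'displayname', 'comment' ) as $field ) {
            if ( !isset( $_POST[$field] ) || !is_string( $_POST[$field] ) ) {
                return;
            }
        }

        // Post IDs are issued by nextId() in this file's database layer, so a
        // legitimate form only ever submits digits.
        $id = $_POST['id'];
        if ( !ctype_digit( $id ) ) {
            return;
        }

        $name = $_POST['displayname'];
        if ( $name === "hhfgdgdf" ) {
            // A prolific spammer.
            return;
        }

        $email = "none";
        if ( isset( $_POST['email'] ) && $_POST['email'] !== '' ) {
            // this is a fake field to weed out spammers.
            // email is not required.
            return;
        }

        // Comments can't contain links. The match is case-insensitive so that
        // "HTTP:" or "Https:" is rejected as well.
        if ( stripos( $_POST['comment'], "http:" ) !== false ) {
            return;
        }
        if ( stripos( $_POST['comment'], "https:" ) !== false ) {
            return;
        }

        // Both visitor-supplied values are HTML-escaped before storage; the
        // display name used to be stored raw while the comment was escaped.
        // ENT_QUOTES also covers single quotes, which matters if a value is
        // ever placed inside an attribute.
        // NOTE(review): the rendering code is not part of this class. If it
        // escapes again on output, escape in one place only. Confirm.
        $name = htmlspecialchars( $name, ENT_QUOTES );
        $comment = htmlspecialchars( $_POST['comment'], ENT_QUOTES );
        // NOTE(review): the replacement string looks as if markup was lost
        // from it; it is kept exactly as found. Confirm against the original.
        $comment = str_replace("\n", " \n", $comment);

        blogDb()->postComment( $id, $name, $email, $comment );

        // Show the post that was just commented on.
        $request = new ViewRequest( $id );
        $request->serve( $page );
    }
}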
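class DelCommentRequest extends Request
{
    // Identifier of the comment to delete, stored as passed to the constructor.
    // Declared explicitly: creating it on the fly as a dynamic property is
    // deprecated from PHP 8.2.
    public $id;

    /**
     * @param mixed $id Identifier of the comment to delete.
     */
    function __construct($id) {
        $this->id = $id;
    }

    /**
     * Delete the comment through blogDb()->delComment().
     *
     * NOTE(review): this handler performs a destructive action without
     * checking who is asking. Whether the dispatcher that builds this request
     * restricts it to an administrator is not visible here. Confirm that it
     * does, and that the deletion cannot be triggered by a plain link or a
     * cross-site request.
     *
     * @param mixed $page Unused by this handler.
     * @return void
     */
    function serve( $page ) {
        blogDb()->delComment( $this->id );
    }
}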
class AboutRequest extends IndexRequest
{
function serve( $page )
{
global $_GET;
$this->fillSideBar($page);
$this->beginPost( $page );
$page->add(<<
Here's some papers I wrote for classes:
Here's a list of stuff that I'm working on:
if ( $pos == False ) { $pos = strpos($entry, " " );
}
// If found,
if ( $pos != False ) {
// truncate the text at that point.
$entry = substr($entry, 0, $pos);
}
return $entry;
}
function beginPost( $page )
{
$page->add( << |
Make sure you click on the ads above to support this blog. I do, daily. #Don't make me add some adjoining/overlapping #content!
$page->add($str); } $this->beginPost( $page ); $page->add( "ID\">More...\n" ); } else { $page->add( $post->Text ); } // This diff pushes the rest past any floats... if ( !$summarize) { $page->add( " subscribe to posts" ); } $page->add( "
$sql"; die($q->getMessage()); } $db->commit(); } function postNew() { $row = NULL; // connect to database, $db = $this->connectDb(); $row->ID = $db->nextId("blogid"); $row->Title = "New Blog Entry"; $row->Shown = "0"; $row->Date = date('Y-m-d H:i:s'); $row->Keywords = ""; $row->Tags = ""; if ( PEAR::isError($id) ) { die($id->getMessage()); } $sql = <<
$sql"; $q = $db->query($sql); if (DB::iserror($q)) { echo "
$sql"; die($q->getMessage()); } $db->commit(); return $row->ID; } function postEntry( $post ) { // connect to database, $db = $this->connectDb(); $post->Title = $db->escapeSimple( $post->Title ); $post->Text = $db->escapeSimple( $post->Text ); $post->Date = $db->escapeSimple( $post->Date ); $post->Shown = $db->escapeSimple( $post->Shown ); $post->ID = $db->escapeSimple( $post->ID ); $post->Tags = $db->escapeSimple( $post->Tags ); $sql = "UPDATE Blogs SET Title=\"".$post->Title."\", Text=\"".$post->Text."\", Date=\"".$post->Date."\", Shown=\"".$post->Shown."\", Tags=\"".$post->Tags."\" WHERE ID=\"".$post->ID."\";"; $q = $db->query($sql); if (DB::iserror($q)) { echo "
$sql"; die($q->getMessage()); } $db->commit(); } function delComment($id) { $db = $this->connectDb(); $id = $db->escapeSimple( $id ); $sql = <<
$sql"; die($q->getMessage()); } $db->commit(); }

    /**
     * Return all rows of the Blogs table, newest first, as row objects.
     *
     * The rows are kept in $this->posts and reused on later calls. Because the
     * guard is a loose "== null", an empty result (array()) also counts as
     * "not loaded", so an empty table is queried again on every call.
     *
     * @return array Row objects fetched with DB_FETCHMODE_OBJECT.
     */
    function getAllPosts() {
        if ( $this->posts == null ) {
            // Text, Date, ID, Shown
            $db = $this->connectDb();
            $sql = "SELECT * FROM Blogs ORDER BY Date DESC;";
            $this->posts = array();
            // Run the query. On failure the driver's message is printed to the
            // response and the script stops.
            $q = $db->query($sql);
            if ( DB::iserror($q)) {
                die($q->getMessage());
            }
            // Fetch until the result set is exhausted; $i is only a loop counter.
            for($i = 0;;$i++) {
                $row = $q->fetchRow(DB_FETCHMODE_OBJECT);
                if ( $row == null ) {
                    break;
                }
                $this->posts[] = $row;
            }
        }
        return $this->posts;
    }

    /**
     * Return up to $num posts dated strictly before $date, in the order
     * getAllPosts() returns them.
     *
     * Posts whose Shown field is falsy are included only when the global
     * $admin flag is truthy, so this filter is what hides unpublished posts
     * from other visitors.
     *
     * @param string $date Date string understood by strtotime().
     * @param int    $num  Maximum number of posts to return.
     * @return array Matching post row objects.
     */
    function getPostsBefore($date, $num) {
        global $admin;
        $posts = $this->getAllPosts();
        $ret = array();
        $date = strtotime( $date );
        foreach ( $posts as $post ) {
            $postDate = strtotime($post->Date);
            if ( ($admin || $post->Shown) && $postDate < $date ) {
                $ret[] = $post;
                // $n is assigned but never read.
                $n = count($ret);
                if ( count($ret) == $num ) break;
            }
        }
        return $ret;
    }

    /**
     * Open a PEAR DB connection to the Blog database and return it.
     *
     * A new connection is requested on every call; nothing is cached here.
     *
     * NOTE(review): the DSN connects as the MySQL root account and carries no
     * password. A public-facing application is better served by a dedicated
     * account limited to this database and the statements it needs, so that a
     * flaw in any query cannot reach beyond the blog's own tables.
     *
     * NOTE(review): on failure the driver's error text is written to the HTTP
     * response by die(). Such messages can reveal connection details; logging
     * them server-side and showing a generic error would avoid that.
     *
     * @return mixed The connection object returned by DB::connect().
     */
    function connectDb() {
        require_once('DB.php');
        $db = DB::connect("mysql://root@localhost/Blog");
        if ( DB::iserror($db)) {
            die("Message " . $db->getMessage());
        }
        return $db;
    }
}

// Front controller: builds the page, lets the request object chosen by
// createRequest() fill it, then writes it out.
class Blog {
    /**
     * Serve one HTTP request.
     *
     * @return void
     */
    function serve() {
        global $BlogTitle;
        $page = new Page();
        $page->setTitle( $BlogTitle );
        // createRequest() is defined elsewhere; it decides which Request
        // subclass handles this request.
        $request = createRequest();
        $request->serve($page);
        $page->write();
    }
}

// Script entry point.
$blog = new Blog();
$blog->serve();
?>
$name
\n" ); } $page->add( stripslashes($text) ); $page->add( "