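#!/usr/bin/perl -w
###############################################################################
# submit.pl - this code inputs user submission into the system to be
# approved by authors
#
# Copyright (C) 1997 Rob "CmdrTaco" Malda
# malda@slashdot.org
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
#
#  $Id: submit.pl,v 1.1.1.1 2000/10/08 09:03:29 alessio Exp $
###############################################################################
#
# NOTE(review): this copy of the file has lost most of its here-document
# openers and the HTML inside them.  Every statement marked "damaged in this
# copy" below is reproduced verbatim and will not compile as shown; restore
# those spans from a pristine submit.pl.  The changes made in this revision
# are confined to intact code:
#   * rmSub / submissionEd: request values are no longer interpolated raw
#     into SQL (quoted with $I{dbh}->quote, or forced to digits for "del").
#   * previewForm: the homepage scheme test is anchored.
#   * submissionEd: "my $x = ... if COND" replaced by a plain conditional.
#   * saveSub: the formkey id is passed on when the form is redisplayed.
#   * main: $op / $tbtitle get defined defaults (silences -w warnings only).
###############################################################################
use strict;
use lib '../';
use vars '%I';
use vars '%L';
use Slash;

#################################################################
# Entry point: load configuration and request state, then dispatch on the
# "op" form parameter.  Admin operations are gated on $I{U}{aseclev}.
sub main {
    *I = getSlashConf();
    *L = \%Slash::L;
    getSlash();

    my $id = getFormkeyId($I{U}{uid});

    my($section, $op, $seclev, $aid) = (
        $I{F}{section}, $I{F}{op}, $I{U}{aseclev}, $I{U}{aid}
    );
    # $op was copied before $I{F}{op} receives its default below, so give the
    # copy the same default; the dispatch then never compares undef.
    $op = "" unless defined $op;

    $I{F}{del} ||= "0";
    $I{F}{op}  ||= "";
    $I{F}{from}  = stripByMode($I{F}{from})  if $I{F}{from};
    $I{F}{subj}  = stripByMode($I{F}{subj})  if $I{F}{subj};
    $I{F}{email} = stripByMode($I{F}{email}) if $I{F}{email};

    # Show submission title on browser's titlebar.
    # NOTE(review): $I{F}{title} is request data and, unlike from/subj/email,
    # is not passed through stripByMode here -- confirm header() escapes it.
    my $tbtitle = defined $I{F}{title} ? $I{F}{title} : "";
    if ($tbtitle) {
        $tbtitle =~ s/^"?(.+?)"?$/"$1"/;
        $tbtitle = "- $tbtitle";
    }

    # NOTE(review): this test uses > 100 while every privilege check below
    # uses > 99; an author at exactly 100 gets the admin operations but not
    # the admin header -- confirm which threshold is intended.
    $section = "admin" if $seclev > 100;
    header("$I{sitename} $L{Submissions}$tbtitle", $section);
    # print "from $I{F}{from} email $I{F}{email} subject $I{F}{subj}\n";
    #adminMenu() if $seclev > 100;

    # NOTE(review): the state-changing admin operations ("Update",
    # "GenQuickies") are authorised by seclev alone; no formkey or other
    # request-origin check is visible in this file -- confirm one exists
    # upstream.
    if ($op eq "list" && ($seclev > 99 || $I{submiss_view})) {
        titlebar("100%", "$L{Submissions} " . ($seclev > 99 ? 'Admin' : "$L{List}"));
        submissionEd();

    } elsif ($op eq "Update" && $seclev > 99) {
        titlebar("100%", "$L{Deleting} $I{F}{subid}");
        rmSub();
        submissionEd();

    } elsif ($op eq "GenQuickies" && $seclev > 99) {
        titlebar("100%", "Quickies Generated");
        genQuickies();
        submissionEd();

    } elsif (! $op) {
        yourPendingSubmissions();
        titlebar("100%", "$I{sitename} $L{Submissions}", "c");
        displayForm($I{U}{nickname}, $I{U}{fakeemail}, $I{F}{section}, $id);

    } elsif ($op eq "$L{PreviewStory}") {
        titlebar("100%", "$I{sitename} $L{Submission_Preview}", "c");
        # insert the fact that the form has been displayed,
        # but not submitted at this point
        insertFormkey("submissions",$id,"submission");
        displayForm($I{F}{from}, $I{F}{email}, $I{F}{section}, $id);

    } elsif ($op eq "viewsub" && ($seclev > 99 || $I{submiss_view})) {
        previewForm($aid, $I{F}{subid});

    } elsif ($op eq "$L{SubmitStory}") {
        saveSub($id);
        yourPendingSubmissions();

    } else {
        print "Huh?";
        # foreach (keys %{$I{U}}) { print "$_ = $I{U}{$_}" }
    }

    footer();
}

#################################################################
# List the logged-in user's own submissions.  Does nothing for users whose
# uid is not greater than 0.
sub yourPendingSubmissions {
    return unless $I{U}{uid} > 0;
    my $c = sqlSelectMany("*", "submissions", "uid=$I{U}{uid}");

    if ($c->rows) {
        my($count) = sqlSelect("count(*)", "submissions", "del=0");
        titlebar("100%", "$L{Your_Recent_Submissions} ($L{total}:$count)");
        # NOTE(review): damaged in this copy -- the here-document opener and
        # the code between it and the closing brace are missing.
        print <$L{Here_are_your_recent_submissions_to} $I{sitename}, $L{and_their_status_within_the_system}: \n\n";
    }
    $c->finish;
    print "

";
}

#################################################################
# Show one submission (looked up by $subid) together with the editing form.
# $aid is accepted but not read in the code visible here; the session update
# at the end uses $I{U}{aid}.
sub previewForm {
    my($aid, $subid) = @_;
    my $subid_dbi = $I{dbh}->quote($subid);

    my $admin = $I{U}{aseclev} > 99;

    # Fetched but not used in the code visible here.
    my($writestatus) = getvars("defaultwritestatus");
    ($subid, my($email, $name, $title, $tid, $introtext, $time, $comment)) =
        sqlSelect("subid,email,name,subj,tid,story,time,comment",
        "submissions", "subid=$subid_dbi");

    # NOTE(review): damaged in this copy -- the replacement text of the next
    # substitution and the lookbehind/replacement of the URL substitution
    # after it have lost their markup.
    $introtext =~ s/\n\n/\n

/gi;
    $introtext .= " ";
    $introtext =~ s{(?)(http|ftp|gopher|telnet)://(.*?)(\W\s)?[\s]} {$1://$2 }gi;
    $introtext =~ s/\s+$//;
    $introtext = qq!"$introtext"! if $name;

    if ($comment && $admin) {
        # This probably should be a block.
        # NOTE(review): damaged in this copy (here-document opener missing).
        # $comment is stored free text; confirm it is escaped before output.
        print <Submission Notes:
$comment
EOT
    }

    if ($email) {
        local $_ = $email;
        if (/@/) {
            $email = "mailto:$email";
        } elsif (!m{^https?://}i) {
            # The scheme test is anchored: an unanchored /http/ accepted any
            # value that merely contained "http", leaving submitter-chosen
            # text, scheme included, to be used as the link target.
            $email = "http://$email";
        }
        $introtext = qq!$name $L{writes} $introtext! if $name;
    } else {
        $introtext = "$name $L{writes} $introtext" if $name;
    }

    my @fs = (
        $I{query}->textfield(-name => 'title', -default => $title, -size => 50),
        lockTest($title)
    );
    push @fs, sprintf("\n\t\tdept %s
", $I{query}->textfield(-name => 'dept', -default => '', -size => 50) ) if $I{use_dept};

    # NOTE(review): damaged in this copy -- the three here-documents below
    # have lost their openers, argument lists and HTML.  $name, $email and
    # $introtext originate from the submitter; confirm they are escaped.
    print <$L{Submitted_by} $name $email $L{at} $time

$introtext

EOT
    printf <Delete Submission ]


title %s
%s%s
ADMIN
    if ($admin) {
        selectTopic("tid", $tid);
        selectSection("section", $I{F}{section} || $I{defaultsection});
        printf <

Intro Copy


ADMIN
    }

    # Remember which submission this author last opened.
    sqlUpdate("sessions", { lasttitle => $title },
        "aid=" . $I{dbh}->quote($I{U}{aid})
    );
}

#################################################################
# Apply the admin "Update" form: delete the submission named by
# $I{F}{subid}, then walk every form field named PREFIX_SUBID.  note_/
# comment_/section_ fields update that submission; any other PREFIX marks
# SUBID for deletion.  The caller (main) is what restricts this to
# seclev > 99 -- there is no privilege check inside this sub.
sub rmSub {
    # The author id and every subid below go through $I{dbh}->quote: the
    # subids come from request field *names*, which the client controls.
    my $aid_where = "aid=" . $I{dbh}->quote($I{U}{aid});

    if ($I{F}{subid}) {
        sqlUpdate("submissions", { del => 1 },
            "subid=" . $I{dbh}->quote($I{F}{subid})
        );
        sqlUpdate("authors",
            { -deletedsubmissions => 'deletedsubmissions+1' },
            $aid_where
        );
    }

    foreach (keys %{$I{F}}) {
        # Greedy first group: $n is everything after the LAST underscore.
        next unless /(.*)_(.*)/;
        my($t,$n) = ($1,$2);
        if ($t eq "note" || $t eq "comment" || $t eq "section") {
            $I{F}{"note_$n"} = "" if $I{F}{"note_$n"} eq " ";
            if ($I{F}{$_}) {
                my %sub = (
                    note    => $I{F}{"note_$n"},
                    comment => $I{F}{"comment_$n"},
                    section => $I{F}{"section_$n"}
                );

                # An empty note is stored as SQL NULL; the leading "-" on
                # the key passes the value through unquoted (same convention
                # as -deletedsubmissions above).
                if (!$sub{note}) {
                    delete $sub{note};
                    $sub{-note} = 'NULL';
                }

                $sub{comment} =~ s/\"/\'/g if $sub{comment};
                sqlUpdate("submissions", \%sub,
                    "subid=" . $I{dbh}->quote($n));
            }
        } else {
            my $key = $n;
            # NOTE(review): $key is echoed into the page as received;
            # confirm it is escaped (the surrounding markup is missing in
            # this copy).
            print "$key " if sqlUpdate(
                "submissions", { del => 1 },
                "subid=" . $I{dbh}->quote($key)
            ) && sqlUpdate("authors",
                { -deletedsubmissions => 'deletedsubmissions+1' },
                $aid_where
            );
        }
    }
}

#################################################################
# Rebuild the synthetic 'quickies' submission from every undeleted
# submission whose note is 'Quik'.
sub genQuickies {
    # The previous quickies text is read and then discarded two lines down;
    # only the DELETE and the rebuild matter.
    my($stuff) = sqlSelect("story", "submissions", "subid='quickies'");
    $I{dbh}->do("DELETE FROM submissions WHERE subid='quickies'");
    $stuff = "";
    my $c = sqlSelectMany("subid,subj,email,name,story",
        "submissions", "note='Quik' and del=0"
    );

    while(my($subid, $subj, $email, $name, $story) = $c->fetchrow) {
        # NOTE(review): damaged in this copy (markup inside the string is
        # missing).
        $stuff .= qq!\n\n

$name $L{writes} $story\n\n!;
    }
    $c->finish;

    sqlInsert("submissions", {
        subid   => 'quickies',
        subj    => 'Generated Quickies',
        email   => '',
        name    => '',
        -'time' => 'now()',
        section => 'articles',
        tid     => 'quickies',
        story   => $stuff,
    });
}

#################################################################
# Print the submissions overview: a section-by-note count table followed by
# the list of submissions matching the del/note/tid/section filters taken
# from the request.  Admins (aseclev > 99) always see del=0.
sub submissionEd {
    my $admin = $I{U}{aseclev} > 99;

    # NOTE(review): damaged in this copy (here-document opener and body
    # missing).
    print <

EOT

    $I{F}{del} = 0 if $admin;
    # "del" is interpolated into two SQL statements below and, for
    # non-admins, comes straight from the request: accept digits only.
    $I{F}{del} = 0
        unless defined $I{F}{del} && $I{F}{del} =~ /\A\d+\z/;

    my $c = sqlSelectMany("section,note,count(*)", "submissions WHERE del=$I{F}{del} GROUP BY section,note");

    print qq!\n\n\t!;

    my $cur_section_str = $I{F}{section} || 'All Sections';
    # Unfortunately, "articles" seems to be hardcoded
    my $cur_note_str = $I{F}{note} || 'Unclassified';

    # %sn{section}{note} = number of submissions in that cell.
    my(%all_sections, %all_notes, %sn);
    while (my($section, $note, $cnt) = $c->fetchrow) {
        my $section_str = $section;
        $all_sections{$section_str} = 1;
        my $note_str = $note || 'Unclassified';
        $all_notes{$note_str} = 1;
        $sn{$section_str}{$note_str} = $cnt;
    }
    $c->finish;

    # Column totals go in the pseudo-section 'All Sections'.
    for my $note_str (keys %all_notes) {
        $sn{'All Sections'}{$note_str} = 0;
        for (grep { $_ ne 'All Sections' } keys %sn) {
            $sn{'All Sections'}{$note_str} += $sn{$_}{$note_str};
        }
    }
    $all_sections{'All Sections'} = 1;

    # NOTE(review): damaged in this copy -- the table markup printed by the
    # qq!! / "" statements in the two loops below is missing.
    print qq!!;
    # Sort with 'All Sections' keyed as '' so that it comes first.
    for my $section_str (
        map  { $_->[0] }
        sort { $a->[1] cmp $b->[1] }
        map  { [$_, ($_ eq 'All Sections' ? '' : $_)] }
        keys %all_sections
    ) {
        my $section = $section_str eq 'All Sections' ? '' : $section_str;
        print qq!!;
        print "" if $section_str eq 'All Sections';
    }
    print "\n";

    # Same trick for notes: 'Unclassified' sorts first.
    for my $note_str (
        map  { $_->[0] }
        sort { $a->[1] cmp $b->[1] }
        map  { [$_, ($_ eq 'Unclassified' ? '' : $_)] }
        keys %all_notes
    ) {
        my $note = $note_str eq 'Unclassified' ? '' : $note_str;
        print qq!\n!;
        print qq!!;
        for my $section_str (sort keys %all_sections) {
            my $section = $section_str eq 'All Sections' ? '' : $section_str;
            $sn{$section_str}{$note_str} = 0 if !$sn{$section_str}{$note_str};
            # Highlight the cell for the current filter.  Written as a
            # ternary: "my $x = ... if COND" leaves $x in an unspecified
            # state when COND is false.
            my $bgcolor =
                ($note_str eq $cur_note_str
                    && $section_str eq $cur_section_str)
                ? qq! BGCOLOR="$I{bg}[1]"!
                : '';
            print qq!$sn{$section_str}{$note_str} !;
            print "" if $section_str eq 'All Sections';
        }
        print "\n";
    }
    # NOTE(review): damaged in this copy -- the cell text below was
    # displaced from the loops above.
    print "
 $section_str 
 $note_str 
\n";

    my $sql = "SELECT subid, subj, date_format(" . getDateOffset("time") . ',"m/d  H:i"), tid,note,email,name,section,comment,submissions.uid,karma FROM submissions,users_info';
    $sql .= "  WHERE submissions.uid=users_info.uid AND $I{F}{del}=del AND (";
    $sql .= $I{F}{note} ? "note=" . $I{dbh}->quote($I{F}{note}) : "isnull(note)";
    $sql .= "		or note=' ' " unless $I{F}{note};
    $sql .= ")";
    # tid is request data: quote it like note and section.
    $sql .= "		and tid=" . $I{dbh}->quote($I{F}{tid}) . " " if $I{F}{tid};
    $sql .= "         and section=" . $I{dbh}->quote($I{U}{asection}) if $I{U}{asection};
    $sql .= "         and section=" . $I{dbh}->quote($I{F}{section})  if $I{F}{section};
    $sql .= "	  ORDER BY time";

    my $cursor = $I{dbh}->prepare($sql);
    $cursor->execute;

    my @select = (qw(DEFAULT Hold Quik),
        (ref $I{submit_categories} ? @{$I{submit_categories}} : ())
    );
    my %select = map { ($_, '') } @select;

    print qq!\n\n\n!;

    while (my($subid, $subj, $time, $tid, $note, $email, $name,
        $section, $comment, $uid, $karma) = $cursor->fetchrow) {

        # Mark this row's note as the selected option for this iteration.
        local $select{$note || 'DEFAULT'} = ' SELECTED';
        my $str;
        for (@select) {
            my $name = $_ eq 'DEFAULT' ? '' : $_;
            $str .= "\t\t\t$name\n";
        }

        # NOTE(review): damaged in this copy (both here-documents missing).
        print $admin ? < USER

        my $ptime = $I{submiss_ts} ? $time : '';
        selectSection("section_$subid", $section) if $admin;

        # NOTE(review): this only deletes <...> runs; it is not an HTML
        # escape.  Confirm how name/email are encoded where they are printed.
        $name  =~ s/<(.*)>//g;
        $email =~ s/<(.*)>//g;

        $karma = $uid > -1 && defined $karma ? " ($karma)" : "";

        # @strs is for DISPLAY purposes, nothing more.
        my @strs = (substr($subj, 0, 35), substr($name, 0, 20), substr($email, 0, 20));
        $strs[0] .= '...' if length($subj) > 35;

        # Adds proper section and title for form editor.
        # NOTE(review): $section is not passed through fixparam the way
        # $subj is -- confirm it cannot carry URL metacharacters.
        my $sec = $section ne $I{defaultsection} ? "&section=$section" : '';
        my $stitle = '&title=' . fixparam($subj);
        $stitle =~ s/%/%%/g; # for sprintf

        # NOTE(review): damaged in this copy (format here-documents and
        # argument list missing).
        printf(($admin ? < ADMIN USER
    }

    # NOTE(review): damaged in this copy -- everything from here to
    # $cursor->finish is the residue of several here-documents.
    my $quik = $I{F}{note} eq "Quik" ? < EOT
    print $admin ? <

$quik ADMIN

ADMIN
$note$ptime %s  %s$karma
%s
\u$section$ptime %s  %s
%s

USER

    $cursor->finish;
}

#################################################################
# sub formLabel {
#	return qq!!, shift, "\n",
#		@_ ? ("(", @_, ")") : "", "\n";
# }

#################################################################
# Print the submission form, pre-filled from the request (falling back to
# $user / $fakeemail / $section), plus a preview when a story was posted.
# $id is the formkey id used for the per-timeframe submission count.
sub displayForm {
    my($user, $fakeemail, $section, $id) = @_;
    my $formkey_earliest = time() - $I{formkey_timeframe};

    # Over the limit only produces a warning here; the form is still shown.
    # saveSub() calls checkSubmission() with the same limit before storing.
    if (!checkTimesPosted("submissions",
        $I{max_submissions_allowed}, $id, $formkey_earliest)) {
        # NOTE(review): damaged in this copy (here-document opener missing).
        my $max_posts_warn = <Warning! you've exceeded max allowed submissions for the day : $I{max_submissions_allowed}

EOT
        errorMessage($max_posts_warn);
    }

    # NOTE(review): damaged in this copy (here-document opener missing).
    print < $L{View_Current_Pending_Submissions}

EOT

    $section = "articles" unless $section;

    print qq!\n
\n!;
    print qq|\n| if $I{F}{op} eq $L{PreviewStory};

    print $L{submit_before};

    $user      = $I{F}{from}  || $user;
    $fakeemail = $I{F}{email} || $fakeemail;

    print formLabel("$L{Your_Name}", "$L{Leave_Blank_to_be_Anonymous}"),
        $I{query}->textfield(-name => 'from', -default => $user, -size=>50),

        formLabel("$L{Your_Email_or_Homepage}", $L{Leave_Blank_to_be_Anonymous}),
        $I{query}->textfield(-name => 'email', -default => $fakeemail, -size => 50),

        formLabel("$L{Subject}", "$L{Be_Descriptive_Clear_Simple}!"),
        $I{query}->textfield(-name => 'subj', -default => $I{F}{subj}, -size => 50),
        qq[\n
($L{bad_subjects_}. $L{We_get_many_submissions_each_day_}.)],

        formLabel("$L{Topic_and_Section}");

    selectTopic("tid", $I{F}{tid} || "news");
    selectSection("section", $I{F}{section} || $section);

    print qq!\n
($L{Almost_everything_should_go_})!;

    if ($I{F}{story}) {
        print "

";
        titlebar("100%", $I{F}{subj});
        my $tref = getTopic($I{F}{tid});

        # NOTE(review): damaged in this copy (here-document missing).
        print < EOT

        # NOTE(review): $I{F}{story} is echoed as received; main() runs
        # stripByMode on from/subj/email only.  Confirm the story is
        # filtered before it reaches this preview.
        print qq!

$user $L{writes} "$I{F}{story}"

!;
    }

    print formLabel("$L{The_Scoop}","$L{HTML_is_fine_but_}");
    # NOTE(review): damaged in this copy (here-document opener and printf
    # arguments missing).
    printf <%s
($L{Are_you_sure_you_included_a_URL_})

EOT

    print "($L{You_must_preview_once_})" unless $I{F}{subj};
    print qq!\n! if $I{F}{subj};
    print "\n

\n\n";
}

#################################################################
# Store the posted submission when checkSubmission() accepts the formkey
# $id; a subject shorter than two characters redisplays the form instead.
sub saveSub {
    my $id = shift;

    # if formkey works
    if (checkSubmission("submissions", $I{submission_speed_limit},
        $I{max_submissions_allowed}, $id)) {

        if (length $I{F}{subj} < 2) {
            titlebar("100%", "$L{Error}:");
            print "$L{Please_enter_a_reasonable_subject}.\n";
            # Pass the formkey id on: displayForm() hands it to
            # checkTimesPosted(), and the call here used to omit it.
            displayForm($I{F}{from}, $I{F}{email}, $I{F}{section}, $id);
            return;
        }

        titlebar("100%", "$L{Saving}");
        print "$L{Perhaps_you_would_like_to_enter_an_email_}

" unless length $I{F}{email} > 2;
        print "$L{This_story_has_been_submitted_anonymously}

" unless length $I{F}{from} > 2;
        print "$L{There_are_currently} ",
            sqlSelect("count(*)", "submissions", "del=0"),
            " $L{submissions_pending}.

";
        print getblock("submit_after");

        # NOTE(review): the id is built from the wall clock at one-second
        # resolution with unpadded fields, so two submissions in the same
        # second get the same subid.  Left unchanged because stored ids use
        # this format.
        my($sec, $min, $hour, $mday, $mon, $year) = localtime;
        my $subid = "$hour$min$sec.$mon$mday$year";

        # presumably sqlInsert quotes the plain-keyed values; verify in Slash.
        sqlInsert("submissions", {
            email   => $I{F}{email},
            uid     => $I{U}{uid},
            name    => $I{F}{from},
            story   => $I{F}{story},
            -'time' => 'now()',
            subid   => $subid,
            subj    => $I{F}{subj},
            tid     => $I{F}{tid},
            section => $I{F}{section}
        });
        formSuccess($I{F}{formkey},0,length($I{F}{subj}));
    }
}

main();
$I{dbh}->disconnect if $I{dbh};
1;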