#!/usr/bin/perl
use strict;
# NOTE(review): this push runs at run time, after every `use` line in the
# file has already been processed at compile time, so it has no effect on
# where OC and the other modules are loaded from.
push(@INC,'/home/oc/cgi-bin/');
use lib '/home/oc/cgi-bin/';
# NOTE(review): `use lib` prepends to @INC, so './' ends up ahead of
# /home/oc/cgi-bin/. A relative entry is resolved against the process's
# current directory, which means OC and the other modules are loaded from
# wherever the script happens to be started. Prefer an absolute path.
use lib './';
use OC;
use CGI qw/:standard/;;
use HTML::Template;
use Tie::IxHash;
use Digest::MD5 qw(md5_hex);
use Mail::Sender;
use vars qw/
%CONFIG
$template
%form
%cookie
$self_url
$TITLE
@LINKS
$BODY
@DISPLAYED
$CAN_EDIT
$CAN_ADD
$LOGGED_IN
@NOTE
$NAVIGATION
$USERNAME
/;
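# Reset all per-request state and load the request's parameters, cookies
# and the site configuration.
#
# Reads:  the current CGI request and %OC::CONFIG.
# Writes: %form, %cookie, %CONFIG, $self_url and the page-state globals
#         (@DISPLAYED, @LINKS, $TITLE, $BODY, @NOTE, $NAVIGATION,
#         $LOGGED_IN, $CAN_EDIT, $CAN_ADD).
sub Initialize {
    # Clear both input hashes. %cookie carries the username/password values
    # that Main authenticates with, so an entry left over from an earlier
    # request (possible under a persistent interpreter) must not survive
    # into a request that did not send that cookie.
    %form   = ();
    %cookie = ();

    my $query = CGI->new;
    foreach my $name ($query->param) {
        # Scalar assignment: only the first value of a multi-valued
        # parameter is kept.
        $form{$name} = $query->param($name);
    }
    foreach my $name ($query->cookie) {
        $cookie{$name} = $query->cookie($name);
    }

    %CONFIG   = %OC::CONFIG;
    # The script's own URL comes from configuration, not from the request.
    $self_url = $CONFIG{article_url};
    # $self_url=$ENV{REQUEST_URI};
    # $self_url=~s/^(.*)\?.*$/$1/;
    # $self_url=~s/^(.*.cgi).*$/$1/;

    @DISPLAYED  = ();
    @LINKS      = ();
    $TITLE      = '';
    $BODY       = '';
    @NOTE       = ();
    $NAVIGATION = '';

    # Permissions start at "none"; Main raises them after a successful login.
    $LOGGED_IN = 0;
    $CAN_EDIT  = 0;
    $CAN_ADD   = 0;
}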
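# Return the shared database handle, connecting on first use.
#
# The handle is cached in $::db, so later calls reuse the same connection.
# Connection settings come from %CONFIG (db_name, db_host, db_port,
# db_username, db_password). Dies if the connection cannot be made.
sub ConnectToDatabase {
    if (!defined $::db) {
        # Keep the DSN on a single line: a line break inside the literal
        # would put a newline in front of the port.
        my $dsn = "DBI:mysql:$CONFIG{db_name}:$CONFIG{db_host}:$CONFIG{db_port}";

        # NOTE(review): DBI is not loaded in the visible part of this file;
        # presumably OC pulls it in -- confirm.
        # The die text stays generic, so connection details do not end up
        # in whatever renders fatal errors.
        $::db = DBI->connect($dsn, $CONFIG{db_username}, $CONFIG{db_password})
            || die "Can't connect to database server.";
    }
    return $::db;
}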
# Prepare a statement on the shared handle $::db and store the resulting
# statement handle in $::sth, replacing whatever was there before.
# Only the first argument (the SQL text) is used. Returns the new handle.
sub PrepareSQL {
    my $sql = shift;
    $::sth = $::db->prepare($sql);
    return $::sth;
}
# Execute the statement currently held in $::sth, binding the arguments to
# its `?` placeholders in order. Dies if execute reports failure; otherwise
# returns execute's result.
sub ExecuteSQL {
    my @bind_values = @_;
    my $status = $::sth->execute(@bind_values);
    die "Could not execute SQL statement" unless $status;
    return $status;
}
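# Prepare and execute a statement in one step.
#
# The first argument is the SQL text. Any further arguments are bound to
# its `?` placeholders, so callers can pass values separately instead of
# interpolating them into the SQL string. Calling with the SQL text alone
# behaves as before.
# Returns the result of ExecuteSQL, which dies if execution fails.
sub SendSQL {
    my ($sql, @bind_values) = @_;
    PrepareSQL($sql);
    return ExecuteSQL(@bind_values);
}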
# Fetch the next row from the statement held in $::sth.
# The caller's context is passed through to fetchrow_array: in list context
# the row's fields are returned, and an empty list once rows run out.
sub FetchSQLData {
    my $current = $::sth;
    return $current->fetchrow_array;
}
# Queue one message (the first argument) on @NOTE for later display by
# Output_Notes. Returns push's result, the new number of queued notes.
sub Note {
    my ($message) = @_;
    return push @NOTE, $message;
}
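# Join the queued notes into one string: each note followed by a newline,
# then one more newline at the end.
sub Output_Notes {
    my $result = "";
    foreach my $note (@NOTE) {
        $result .= "$note\n";
    }
    $result .= "\n";
    return $result;
}

# Load the HTML::Template file named by the first argument into $template
# and set the two table colours from %CONFIG.
sub Prepare_Template {
    my ($filename) = @_;
    $template = HTML::Template->new(
        filename          => $filename,
        die_on_bad_params => 0,
        loop_context_vars => 1,
        global_vars       => 0,
        shared_cache      => 0,
    );
    $template->param(table_color1 => $CONFIG{color}{table1});
    $template->param(table_color3 => $CONFIG{color}{table3});
}

# Build the "write an article" page in $TITLE/$BODY.
# Without $CAN_ADD only a refusal message is appended.
sub Write_Article_Screen {
    $TITLE = "Write an article";
    if ($CAN_ADD) {
        $BODY .= Output_Notes;
        # NOTE(review): only a newline is left of this literal on the page;
        # presumably the submission form markup was lost -- confirm against
        # the original file.
        $BODY .= "\n";
    }
    else {
        $BODY .= "You don't have permissions for writing articles. Are you logged in?";
    }
}

# Validate a submitted article and queue it with status 'pending'.
#
# Reads $form{title}, $form{body}, $form{source} and $cookie{username}.
# Any failed check (permission, title under 3 characters, body under 50)
# queues a note and falls back to the write screen without touching the
# database.
sub Submit_Article {
    @NOTE = ();
    unless ($CAN_ADD) {
        Note("You don't have permissions to add article! Are you logged in?");
    }
    if (length($form{title}) < 3) {
        Note("Title too short!");
    }
    if (length($form{body}) < 50) {
        Note("Body too short!");
    }
    if (scalar(@NOTE)) {
        Write_Article_Screen;
        return;
    }

    # All values are bound through placeholders. They are stored exactly as
    # submitted, so every place that later prints them has to HTML-escape.
    PrepareSQL("insert into article (author,title,body,added,status,source) values (?,?,?,?,?,?)");
    ExecuteSQL($cookie{username}, $form{title}, $form{body}, time, 'pending', $form{source});

    $TITLE = "Submit article";
    $BODY .= "Article successfully added to queue. In next 24 hours it will be approved or rejected! You can check status on your personal page.";
    OC::Mail_Webmaster("Request for article..");
}

# List the articles waiting for approval. Requires $CAN_EDIT.
sub Show_Queue {
    $TITLE = "Article queue";
    unless ($CAN_EDIT) {
        $BODY .= "You don't have permissions for editing articles! Are you logged in?";
        return;
    }
    $BODY .= Output_Notes;
    my @news = ();

    # The author's full name is looked up on a statement handle of its own,
    # with the username bound as a parameter. Running that lookup through
    # SendSQL would replace $::sth while the loop below is still reading
    # the queue from it, and would splice the stored username into the SQL
    # text.
    my $name_sth = $::db->prepare("select fullname from account where username=?")
        || die "Could not prepare SQL statement";

    SendSQL("select title,body,author,added,id,source from article where status='pending'");
    while (my @result = FetchSQLData) {
        my %row = ();
        $row{title}  = $result[0];
        $row{body}   = ${ OC::Smart_Reformat(\$result[1]) };
        $row{author} = $result[2];
        $row{added}  = OC::Time_To_Str($result[3], 'date_only');

        $name_sth->execute($result[2]) || die "Could not execute SQL statement";
        my ($author) = $name_sth->fetchrow_array;
        $name_sth->finish;
        # Fall back to the username when no full name is stored.
        $row{author} = $author if ($author);

        $row{id}     = $result[4];
        $row{source} = $result[5];
        push(@news, \%row);
    }

# NOTE(review): damaged region, kept verbatim. The markup inside the literal
# below, the end of Show_Queue and the start of a later sub are missing from
# this page: %row, $author, @result and $body are not in scope at this
# point, and the subs Main dispatches to (Approve_Article, Reject_Article,
# Edit_Article, Save_Article, Justify_Article, View_Article,
# Browse_Articles) are not defined anywhere on it. Restore this part from
# the original file. The interpolated values come from user-submitted
# articles, so the restored markup needs HTML escaping unless
# OC::Smart_Reformat already does it (not visible here).
if (scalar(@news)) { $BODY.="$row{added} | $row{title} $row{body} |
$row{author} | Edit |
Source | $row{source} |
by $author
source: $result[4]
$body"; $template->param( no_panel=>1, page_title=>"article: $TITLE", ); }
# NOTE(review): end of damaged region. The closing brace of Show_Queue is
# among the missing text, so the file does not compile as captured.

# Rebuild @LINKS, the navigation entries for the current user.
# $screen names the page being shown; the entry for that page is added
# without a link.
sub Tmpl_Links {
    my ($screen) = @_;
    @LINKS = ();
    if ($CAN_EDIT) {
        my %row = ();
        $row{name} = "Admin";
        $row{link} = "$self_url/admin/" if ($screen ne 'admin');
        push(@LINKS, \%row);
    }
    if ($CAN_ADD) {
        my %row = ();
        $row{name} = "Write an article";
        $row{link} = "$self_url?cmd=write_article_screen" if ($screen ne 'write');
        push(@LINKS, \%row);
    }
    if ($CAN_ADD) {
        my %row = ();
        $row{name} = "Browse";
        $row{link} = "$self_url" if ($screen ne 'home');
        push(@LINKS, \%row);
    }
}

# Fill the template with the links, title and body built so far and print
# the rendered page.
sub Output {
    # NOTE(review): $BODY is assembled as markup by this script; whether the
    # template escapes `body` depends on the template file, which is not
    # visible here. Anything user-supplied must be escaped before it is
    # appended to $BODY.
    $template->param(
        links    => \@LINKS,
        title    => $TITLE,
        body     => $BODY,
        no_panel => 1,
    );
    print $template->output;
}

# Print the five most recently added approved articles as list items.
sub First_Page {
    my $body = '';
    SendSQL("select id,title from article where status='approved' order by added desc limit 5");
    while (my @result = FetchSQLData) {
        # NOTE(review): the title is stored as submitted (see
        # Submit_Article); confirm that OC::Li HTML-escapes its argument.
        $body .= OC::Li("$result[1]");
    }
    print $body;
}

# Request entry point: initialise state, authenticate from the cookies,
# derive permissions from the account type and dispatch on the command.
sub Main {
    Initialize;
    Prepare_Template($CONFIG{tmpl_account_file});
    my ($junk, $cmd) = split(/\//, $ENV{PATH_INFO});
    ConnectToDatabase();

    # NOTE(review): under CGI a query string without '=' may be handed to
    # the script as command-line arguments (RFC 3875, section 4.4), so this
    # branch is not necessarily limited to command-line runs -- confirm the
    # server configuration.
    if ($ARGV[0] eq '-fp') {
        First_Page();
        exit;
    }
    print header(-type => 'text/html', -charset => '');

    # The username comes straight from a client-supplied cookie, so it is
    # bound as a parameter and never interpolated into the SQL text.
    PrepareSQL("select username,password,type from account where username=?");
    ExecuteSQL($cookie{username});
    my @result = FetchSQLData;

    # NOTE(review): the credential is re-sent in a cookie on every request;
    # what $cookie{password} holds and how OC::Login checks it are not
    # visible here.
    if (OC::Login($cookie{username}, $cookie{password}) ne '') {
        $LOGGED_IN = 1;
        if ($result[2] eq 'admin') {
            $CAN_EDIT = 1;
            $CAN_ADD  = 1;
        }
        elsif ($result[2] eq 'project' || $result[2] eq 'article') {
            $CAN_ADD = 1;
        }
    }

    if ($cmd eq 'admin' && $CAN_EDIT) {
        # NOTE(review): these state-changing actions are selected by request
        # parameters alone; no anti-CSRF token check is visible in this
        # dispatcher -- confirm the handlers verify one.
        if ($form{approve_article}) {
            Approve_Article;
            Show_Queue;
            Tmpl_Links();
        }
        elsif ($form{reject_article}) {
            Reject_Article;
            Show_Queue;
            Tmpl_Links();
        }
        elsif ($form{cmd} eq 'edit') {
            Edit_Article;
            Tmpl_Links();
        }
        elsif ($form{save}) {
            Save_Article;
            Edit_Article;
            Tmpl_Links();
        }
        elsif ($form{justify}) {
            Justify_Article;
            Edit_Article;
            Tmpl_Links();
        }
        else {
            Show_Queue;
            Tmpl_Links('admin');
        }
    }
    else {
        if ($form{cmd} eq 'first_page') {
            # Bare fragment: printed without going through the template.
            Browse_Articles;
            print $BODY;
            return;
        }
        elsif ($form{cmd} eq 'write_article_screen') {
            Tmpl_Links('write');
            Write_Article_Screen;
        }
        elsif ($form{cmd} eq 'submit_article') {
            Tmpl_Links('add');
            Submit_Article;
        }
        elsif ($form{cmd} eq 'view_article') {
            Tmpl_Links('');
            View_Article;
        }
        else {
            Tmpl_Links('home');
            Browse_Articles;
        }
    }
    Output;
}

Main;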