news refined

2011-06-03 05:12:50 +02:00 · 2011-06-03 05:12:50 +02:00 · 91f6e7bbaf
parent d5d3db847e
commit 91f6e7bbaf
6 changed files with 227 additions and 137 deletions
--- a/DB/db_rewrite.sql
+++ b/DB/db_rewrite.sql
@ -3,7 +3,7 @@
 -- http://www.phpmyadmin.net
 --
 -- Host: localhost
-- Erstellungszeit: 02. Juni 2011 um 23:02
+-- Erstellungszeit: 03. Juni 2011 um 03:12
 -- Server Version: 5.1.44
 -- PHP-Version: 5.3.1
@ -71,21 +71,23 @@ CREATE TABLE IF NOT EXISTS `Counter` (
 --
 INSERT INTO `Counter` (`URL`, `Anz`) VALUES
-('news', 80),
+('news', 164),
-('login', 24),
+('login', 26),
 ('logout', 13),
-('start', 25),
+('start', 26),
-('faq', 16),
+('faq', 18),
 ('credits', 3),
 ('register', 3),
-('admin_rooms', 70),
+('admin_rooms', 75),
-('admin_angel_types', 69),
+('admin_angel_types', 70),
-('user_settings', 116),
+('user_settings', 125),
-('user_messages', 111),
+('user_messages', 112),
-('admin_groups', 104),
+('admin_groups', 114),
-('user_questions', 54),
+('user_questions', 55),
-('admin_questions', 41),
+('admin_questions', 42),
-('admin_faq', 53);
+('admin_faq', 55),
 ('admin_news', 2),
 ('news_comments', 144);
 -- --------------------------------------------------------
@ -131,25 +133,27 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` (
  `privilege_id` int(11) NOT NULL,
  PRIMARY KEY (`id`),
  KEY `group_id` (`group_id`,`privilege_id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=40 ;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=51 ;
 --
 -- Daten für Tabelle `GroupPrivileges`
 --
 INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES
-(32, -2, 8),
+(42, -2, 15),
 (24, -1, 5),
-(31, -2, 11),
+(40, -2, 4),
-(30, -2, 9),
+(41, -2, 3),
 (23, -1, 2),
-(36, -4, 7),
+(48, -4, 14),
-(37, -4, 13),
+(46, -4, 7),
-(29, -2, 3),
+(44, -2, 11),
-(28, -2, 4),
+(43, -2, 9),
 (12, -5, 10),
-(38, -4, 12),
+(47, -4, 13),
-(39, -4, 6);
+(49, -4, 12),
 (45, -2, 8),
 (50, -4, 6);
 -- --------------------------------------------------------
@ -210,7 +214,7 @@ INSERT INTO `Messages` (`id`, `Datum`, `SUID`, `RUID`, `isRead`, `Text`) VALUES
 CREATE TABLE IF NOT EXISTS `News` (
  `ID` int(11) NOT NULL AUTO_INCREMENT,
-  `Datum` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `Datum` int(11) NOT NULL,
  `Betreff` varchar(150) NOT NULL DEFAULT '',
  `Text` text NOT NULL,
  `UID` int(11) NOT NULL DEFAULT '0',
@ -223,9 +227,9 @@ CREATE TABLE IF NOT EXISTS `News` (
 --
 INSERT INTO `News` (`ID`, `Datum`, `Betreff`, `Text`, `UID`, `Treffen`) VALUES
-(1, '2011-06-02 21:35:27', '', '', 1, 0),
+(1, 1307070566, 'asdf', 'asdf', 1, 0),
-(2, '2011-06-02 21:36:57', '', '', 1, 0),
+(2, 1307070579, 'Achtung, Treffen!', 'Uiuiuiui.', 1, 0),
-(3, '2011-06-02 21:36:57', '', '', 1, 0);
+(3, 1307070686, 'Achtung, Treffen!', 'Jojojo!', 1, 1);
 -- --------------------------------------------------------
@ -241,12 +245,16 @@ CREATE TABLE IF NOT EXISTS `news_comments` (
  `UID` int(11) NOT NULL DEFAULT '0',
  PRIMARY KEY (`ID`),
  KEY `Refid` (`Refid`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ;
 --
 -- Daten für Tabelle `news_comments`
 --
 INSERT INTO `news_comments` (`ID`, `Refid`, `Datum`, `Text`, `UID`) VALUES
 (1, 10, '2011-06-03 04:12:28', 'FOobar :)', 1),
 (2, 10, '2011-06-03 04:13:03', 'FOobar :)', 1),
 (3, 10, '2011-06-03 04:13:06', 'FOobar :)', 1);
 -- --------------------------------------------------------
@ -260,7 +268,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` (
  `desc` varchar(1024) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `name` (`name`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=14 ;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=16 ;
 --
 -- Daten für Tabelle `Privileges`
@ -279,7 +287,9 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES
 (10, 'admin_groups', 'Manage usergroups and their rights'),
 (11, 'user_questions', 'Let users ask questions'),
 (12, 'admin_questions', 'Answer user''s questions'),
-(13, 'admin_faq', 'Edit FAQs');
+(13, 'admin_faq', 'Edit FAQs'),
 (14, 'admin_news', 'Administrate the news section'),
 (15, 'news_comments', 'User can comment news');
 -- --------------------------------------------------------
@ -1016,7 +1026,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES
 ('admin_questions', 'DE', 'Fragen beantworten'),
 ('admin_questions', 'EN', 'Answer questions'),
 ('admin_faq', 'DE', 'FAQs bearbeiten'),
-('admin_faq', 'EN', 'Edit FAQs');
+('admin_faq', 'EN', 'Edit FAQs'),
 ('news_comments', 'DE', 'News Kommentare'),
 ('news_comments', 'EN', 'News comments');
 -- --------------------------------------------------------
@ -1059,7 +1071,7 @@ CREATE TABLE IF NOT EXISTS `User` (
 --
 INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES
-(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307055685, '0000-00-00 00:00:00', '', '', ''),
+(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307070695, '0000-00-00 00:00:00', '', '', ''),
 (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', '');
 -- --------------------------------------------------------
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@ -1,75 +1,112 @@
 <?php
-function user_news() {
+function display_news($news) {
-	return "<a href=\"#Neu\">" . Get_Text(3) . "</a>" . user_news_output();
+	global $privileges, $p;
 	$html .= "";
 	$html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">';
 	$html .= '<details>';
 	$html .= date("Y-m-d H:i",$news['Datum']) . ', ';
 	$html .= UID2Nick($news['UID']);
 	if ($p != "news_comments")
 		$html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') &raquo;</a>';
 	$html .= '</details>';
 	$html .= '<h3>'.($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
 	$html .= '<p>' . ReplaceSmilies(nl2br($news['Text'])) . '</p>';
 	if (in_array("admin_news", $privileges))
 		$html .= "<details><a href=\"" . page_link_to("admin_news") . "&action=edit&id=" . $news['ID'] . "\">Edit</a></details>\n";
 	$html .= '</article>';
 	return $html;
 }
-function user_news_output() {
+function user_news_comments() {
-	global $DISPLAY_NEWS, $privileges;
+	global $user;
 	$html = "";
 	if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
 		$nid = $_REQUEST["nid"];
 		list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1");
 		if (isset ($_REQUEST["text"])) {
 			$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
 			sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
 			$html .= success("Eintrag wurde gespeichert");
 		}
 		$html .= '<a href="' . page_link_to("news") . '">&laquo; Back</a>';
 		$html .= display_news($news);
 		$html .= '<h2>Comments</h2>';
 		$comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'");
 		foreach ($comments as $comment) {
 			$html .= '<article class="news_comment">';
 			$html .= DisplayAvatar($comment['UID']);
 			$html .= '<details>';
 			$html .= $comment['Datum'] . ', ';
 			$html .= UID2Nick($comment['UID']);
 			$html .= '</details>';
 			$html .= '<p>' . nl2br($comment['Text']) . '</p>';
 			$html .= '</article>';
 		}
 		$html .= "</table>";
 		$html .= '
 					<br />
 					<hr>
 					<h2>Neuer Kommentar:</h2>
 					<a name="Neu">&nbsp;</a>
 					<form action="' . page_link_to("news_comments") . '" method="post">
 					<input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '">
 					<table>
 					 <tr>
 					  <td align="right" valign="top">Text:</td>
 					  <td><textarea name="text" cols="50" rows="10"></textarea></td>
 					 </tr>
 					</table>
 					<br />
 					<input type="submit" value="sichern...">
 					</form>';
 	} else {
 		$html .= "Fehlerhafter Aufruf!";
 	}
 	return $html;
 }
 function user_news() {
 	global $DISPLAY_NEWS, $privileges, $user;
 	$html = "";
-	if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && IsSet ($_POST["date"])) {
+	if (isset ($_POST["text"]) && isset ($_POST["betreff"])) {
-		if (!isset ($_POST["treffen"]))
+		if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges))
 			$_POST["treffen"] = 0;
-		$SQL = "INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
+		sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
-		"VALUES ('" . sql_escape($_POST["date"]) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($_SESSION['uid']) .
+		"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
-		"', '" . sql_escape($_POST["treffen"]) . "');";
+		"', '" . sql_escape($_POST["treffen"]) . "');");
-		$Erg = sql_query($SQL);
+		$html .= success(Get_Text(4));
 		if ($Erg == 1)
 			$html .= Get_Text(4);
 	}
-	if (!IsSet ($_GET["news_begin"]))
+	if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
-		$_GET["news_begin"] = 0;
+		$page = $_REQUEST['page'];
 	if (!IsSet ($_GET["DISPLAY_NEWS"]))
 		$_GET["DISPLAY_NEWS"] = 5;
 	$SQL = "SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . intval($_GET["news_begin"]) . ", " . intval($_GET["DISPLAY_NEWS"]);
 	$Erg = sql_query($SQL);
 	// anzahl zeilen
 	$news_rows = mysql_num_rows($Erg);
 	for ($n = 0; $n < $news_rows; $n++) {
 		if (mysql_result($Erg, $n, "Treffen") == 0)
 			$html .= "<p class='question'>";
 	else
-			$html .= "<p class='engeltreffen'>";
+		$page = 0;
-		$html .= "<u>" . ReplaceSmilies(mysql_result($Erg, $n, "Betreff")) . "</u>\n";
+	$news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
 	foreach ($news as $entry)
 		$html .= display_news($entry);
-		// Schow Admin Page
+	$html .= "<div class=\"pagination\">\n\n";
-		if ($_SESSION['CVS']["admin/news.php"] == "Y")
+	$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
 			$html .= " <a href=\"./../admin/news.php?action=change&date=" . mysql_result($Erg, $n, "Datum") . "\">[edit]</a><br />\n\t\t";
 		$html .= "<br />&nbsp; &nbsp;<font size=1>" . mysql_result($Erg, $n, "Datum") . ", ";
 		$html .= UID2Nick(mysql_result($Erg, $n, "UID")) . "</font>";
 		// avatar anzeigen?
 		$html .= DisplayAvatar(mysql_result($Erg, $n, "UID"));
 		$html .= "</p>\n";
 		$html .= "<p class='answer'>" . ReplaceSmilies(nl2br(mysql_result($Erg, $n, "Text"))) . "</p>\n";
 		$RefID = mysql_result($Erg, $n, "ID");
 		$countSQL = "SELECT COUNT(*) FROM `news_comments` WHERE `Refid`='$RefID'";
 		$countErg = sql_query($countSQL);
 		$countcom = mysql_result($countErg, 0, "COUNT(*)");
 		$html .= "<p class='comment' align='right'><a href=\"./news_comments.php?nid=$RefID\">$countcom comments</a></p>\n\n";
 	}
 	$html .= "<div align=\"center\">\n\n";
 	$rowerg = sql_query("SELECT * FROM `News`");
 	$rows = mysql_num_rows($rowerg);
 	$dis_rows = round(($rows / $DISPLAY_NEWS) + 0.5);
 	$html .= Get_Text(5);
-	for ($i = 1; $i <= $dis_rows; $i++) {
+	for ($i = 0; $i < $dis_rows; $i++) {
-		if (!((($i * $DISPLAY_NEWS) - $_GET["news_begin"]) == $DISPLAY_NEWS)) {
+		if ($i == $_REQUEST['page'])
-			$html .= '<a href="' . page_link_to("news") . '&news_begin=' . (($i * $DISPLAY_NEWS) - $DISPLAY_NEWS -1) . '">' . $i . '</a>&nbsp; ';
+			$html .= ($i +1) . "&nbsp; ";
-		} else {
+		else
-			$html .= "$i&nbsp; ";
+			$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a>&nbsp; ';
 		}
 	}
 	$html .= '</div>
 			<br /><hr />
@ -77,12 +114,6 @@ function user_news_output() {
 			<a name="Neu">&nbsp;</a>
 			<form action="" method="post">
 					<?PHP
 						// Datum mit uebergeben, um doppelte Eintraege zu verhindern 
 						// (Reload nach dem Eintragen!)
 					?>
 					<input type="hidden" name="date" value="' . date("Y-m-d H:i:s") . '">
 			<table>
 			 <tr>
 			  <td align="right">' . Get_Text(7) . '</td>
@ -92,7 +123,7 @@ function user_news_output() {
 			  <td align="right">' . Get_Text(8) . '</td>
 			  <td><textarea name="text" cols="50" rows="10"></textarea></td>
 			 </tr>';
-	if (in_array('news_add_meeting', $privileges)) {
+	if (in_array('admin_news', $privileges)) {
 		$html .= ' <tr>
 		  <td align="right">' . Get_Text(9) . '</td>
 		  <td><input type="checkbox" name="treffen" size="1" value="1"></td>
--- a/includes/sys_user.php
+++ b/includes/sys_user.php
@ -75,9 +75,9 @@ function displayPictur($UID, $height = "30") {
 	global $url, $ENGEL_ROOT;
 	if ($height > 0)
-		return ("<img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\">");
+		return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>");
 	else
-		return ("<img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">");
+		return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>");
 }
 function displayavatar($UID, $height = "30") {
@ -92,7 +92,7 @@ function displayavatar($UID, $height = "30") {
 	if (mysql_num_rows($aerg))
 		if (mysql_result($aerg, 0, "Avatar") > 0)
-			return ("&nbsp;<img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . mysql_result($aerg, 0, "Avatar") . ".gif\">");
+			return'<div class="avatar">'. ("&nbsp;<img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . mysql_result($aerg, 0, "Avatar") . ".gif\">").'</div>';
 }
 function UIDgekommen($UID) {
--- a/txt/TODO
+++ b/txt/TODO
@ -10,12 +10,12 @@ jetzt:
 * weckservice?
 später:
 * Zurück-/Backlinks setzen
 * MD5-Passwörter mit Salt speichern
 * Passwort-Mindestanforderungen stellen
 * User-Avatare (code liegt auskommentiert in user_settings.php)
 * user_messages schön machen
 * Formulare weg von Tabellen
 * user_news lässt sich nicht bedienen (POST ohne redirects...)
 * Privilegien korrigieren (an die vom CVS anpassen)
 * Beim Raum-Management die benötigten Engel anzeigen
 * Löschen nur mit Rückfrage
--- a/www-ssl/css/base.css
+++ b/www-ssl/css/base.css
@ -15,6 +15,12 @@ header {
    width: 100%;
 }
 article, details {
    clear: none;
    display: block;
    float: none;
 }
 footer {
    clear: both;
    display: block;
@ -64,7 +70,7 @@ dd {
    margin-left: 20px;
 }
-h1, h4 {
+h1, h2, h3, h4 {
    font-size: 16px;
    padding: 0 4px;
 }
@ -81,7 +87,7 @@ nav {
    margin: 0 10px 10px 0;
 }
-#content article {
+#content > article {
    padding: 10px;
 }
@ -114,6 +120,14 @@ textarea {
    width: 300px;
 }
 .clear {
    clear: both;
 }
 .pagination {
    text-align: center;
 }
 .background {
    background: #f0f0f0;
 }
@ -144,3 +158,32 @@ textarea {
 .new_message {
    font-weight: bold;
 }
 .news_comment, .news {
    border: 1px solid #888;
    margin: 10px 0;
 }
 .news_comment details, .news details {
    background: #f0f0f0;
    padding: 4px;
 }
 .news_comment p, .news p, h3 {
    padding: 4px;
 }
 .news_comment p, .news_comment details {
    margin-left: 72px;
 }
 .avatar {
    float: left;
    margin: 4px;
    max-width: 64px;
 }
 .news.meeting {
    border: 1px solid #000;
    box-shadow: 1px 1px 5px #888;
 }
--- a/www-ssl/index.php
+++ b/www-ssl/index.php
@ -36,6 +36,10 @@ if (in_array($p, $privileges)) {
 		require_once ('includes/pages/user_news.php');
 		$content = user_news();
 	}
 	elseif ($p == "news_comments") {
 		require_once ('includes/pages/user_news.php');
 		$content = user_news_comments();
 	}
 	elseif ($p == "user_messages") {
 		$content = user_messages();
 	}