zlax/ljr
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

init

Browse Source
This commit is contained in:
ivan
2019-02-06 00:49:12 +03:00
commit 8dbb1bb605
4796 changed files with 506072 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

293
livejournal/htdocs/todo/index.bml Executable file
View File

@@ -0,0 +1,293 @@
<?_code
$title = "";
$body = "";
LJ::set_active_crumb('todo');
use strict;
use vars qw($title $body %FORM);
# FIXME: this doesn't use dbr or memcache at all.
my $dbh = LJ::get_db_writer();
my $sth;
my %permission;
my $remote = LJ::get_remote();
my $user = lc($FORM{'user'});
if (! $user && $remote) { $user = $remote->{'user'}; }
my $u = undef;
if ($user && $FORM{'mode'} ne "pickuser") {
$u = LJ::load_user($user);
unless ($u) {
$body .= "<?h1 Error h1?><?p <B>Unknown user: </B> " . LJ::ehtml($user) . " p?>\n";
}
}
unless ($u) {
$title = "To-Do List";
$body .= "<form method='get' action='./'>";
$body .= "Enter the username of the user whose to-do list you would like to view:<UL><INPUT NAME=\"user\" SIZE=15 MAXLENGTH=15> <INPUT TYPE=SUBMIT VALUE=\"View\"></UL></FORM>\n";
return;
}
LJ::Todo::get_permissions($dbh, \%permission, { 'user' => $u, 'remote' => $remote });
$title = "To-Do List: $user";
$body .= "<?de To view another user's to-do list, <a href=\"./?mode=pickuser\">go here</a>. de?>";
####
### security stuff
##
my $where;
unless ($remote && $remote->{'userid'} == $u->{'userid'}) {
my $friendclause;
if ($remote) {
# check to see if this user's a friend
$sth = $dbh->prepare("SELECT COUNT(*) AS 'isfriend' FROM friends WHERE userid=$u->{'userid'} AND friendid=$remote->{'userid'}");
$sth->execute;
my ($isfriend) = $sth->fetchrow_array;
if ($isfriend) { $friendclause = ", 'friends'"; }
}
$where .= "AND t.security IN ('public' $friendclause)";
}
####
### load the todo items
##
my %keyword;
my %itemkws;
my @tdids;
my @delete;
my $total;
$sth = $dbh->prepare("SELECT t.todoid, tk.kwid, k.keyword FROM todo t LEFT JOIN todokeyword tk ON t.todoid=tk.todoid LEFT JOIN keywords k ON tk.kwid=k.kwid WHERE t.journalid=$u->{'userid'} $where");
$sth->execute;
while (my ($id, $kwid, $keyword) = $sth->fetchrow_array) {
if ($kwid) {
$keyword{$kwid}->{'count'}++;
$keyword{$kwid}->{'keyword'} = $keyword;
push @{$itemkws{$id}}, $kwid;
}
$total++;
if (! $FORM{'cat'} || ($kwid && $keyword eq $FORM{'cat'})) {
push @tdids, $id;
if ($FORM{"delete_$id"}) {
push @delete, $id;
}
}
}
### deleting?
if (@delete) {
unless ($permission{'delete'}) {
$title = "Error";
$body = "<?h1 Security h1?><?p You're not allowed to delete these to-do items. p?>";
return;
}
my $in = join(",", @delete);
$dbh->do("DELETE FROM todo WHERE todoid IN ($in)");
$dbh->do("DELETE FROM tododep WHERE todoid IN ($in)");
$dbh->do("DELETE FROM tododep WHERE depid IN ($in)");
$dbh->do("DELETE FROM todokeyword WHERE todoid IN ($in)");
$title = "Deleted";
$body = "";
$body .= "<a href=\"./?user=$u->{'user'}\">&lt;&lt; To-Do List</a>";
$body .= "<?h1 Items Deleted h1?><?p The items checked have been deleted. p?>";
return;
}
$body .= "<form method='get' action='./'>";
$body .= "<INPUT TYPE=HIDDEN NAME=user VALUE=$FORM{'user'}>\n" if ($FORM{'user'});
$body .= "<?h1 Filter Items h1?><?p ";
foreach my $kwid (sort { lc($keyword{$a}->{'keyword'}) cmp lc($keyword{$b}->{'keyword'}) }
keys %keyword)
{
my $cat = $keyword{$kwid}->{'keyword'};
if ($FORM{'cat'} eq $cat) {
$body .= "<b>" . LJ::ehtml($cat) . " ($keyword{$kwid}->{'count'})</b>, ";
} else {
$body .= "<b><a href=\"" . BML::self_link({ 'user' => $u->{'user'}, 'cat' => $cat }) . "\">" . LJ::ehtml($cat) . "</a></b> ($keyword{$kwid}->{'count'}), ";
}
}
if ($FORM{'cat'}) {
$body .= "<b><a href=\"" . BML::self_link({ 'user' => $u->{'user'}, 'cat' => '' }) . "\">(Show All)</a></b>, "
}
if (keys %keyword) {
chop $body; chop $body; # remove final ", "
} else {
$body .= "No categories to filter on.";
}
$body .= " p?>";
unless (@tdids) {
$body .= "<?h1 No entries h1?><?p Either this user has no to-do items, they're all private, or your filter criteria has returned zero matches. p?>";
}
###
## links
#
{
my @actions = ();
if ($permission{'add'}) {
push @actions, [ "item.bml?user=$u->{'user'}&mode=add&amp;cat=" . LJ::eurl($FORM{'cat'}), "Add Item" ];
}
if (@actions)
{
$body .= "<?h1 Actions h1?><?p ";
foreach (@actions) {
$body .= "[ <a href=\"$_->[0]\">$_->[1]</a> ]";
}
$body .= " p?>";
}
}
unless (@tdids) {
$body .= "</form>";
return;
}
$sth = $dbh->prepare("SELECT todoid, posterid, ownerid, statusline, security, subject, des, priority, UNIX_TIMESTAMP(datecreate) AS 'datecreate_unix', dateupdate, datedue, dateclosed, progress FROM todo WHERE todoid IN (" . join(",", @tdids) . ")");
$sth->execute;
my @items;
push @items, $_ while ($_ = $sth->fetchrow_hashref);
foreach my $it (@items) {
$it->{'_duesort'} = $it->{'datedue'};
if ($it->{'_duesort'} =~ s/^0000-/9999-/) {
$it->{'datedue'} = "";
} elsif (length($it->{'datedue'})==0) {
$it->{'_duesort'} = "9999";
}
}
###
## sort
#
$FORM{'sort'} ||= "due";
if ($FORM{'sort'} eq "due") {
@items = sort { $b->{'priority'} <=> $a->{'priority'} } @items;
@items = sort { $a->{'_duesort'} cmp $b->{'_duesort'} } @items;
}
if ($FORM{'sort'} eq "priority") {
@items = sort { $a->{'_duesort'} cmp $b->{'_duesort'} } @items;
@items = sort { $b->{'priority'} <=> $a->{'priority'} } @items;
}
if ($FORM{'sort'} eq "status") {
@items = sort { $b->{'progress'} <=> $a->{'progress'} } @items;
}
if ($FORM{'sort'} eq "item") {
@items = sort { lc($a->{'subject'}) cmp lc($b->{'subject'}) } @items;
}
$body .= "<form method='post' action='./'><P><TABLE BORDER=1 CELLPADDING=4 CELLSPACING=1>\n";
$body .= "<TR BGCOLOR=<?emcolorlite?> ALIGN=LEFT VALIGN=BOTTOM>\n";
$body .= "<TD><B>&nbsp;</B></TD>\n" if ($permission{'delete'});
{
my @cols = (["Status", "status"],
["P", "priority"],
["Item", "item"],
["Date Due", "due"],
["Category", ""]);
foreach my $col (@cols) {
if ($col->[1] eq "") {
$body .= "<td><b>$col->[0]</b></td>";
} elsif ($col->[1] eq $FORM{'sort'}) {
$body .= "<td bgcolor=<?emcolor?>><b>$col->[0]</b></td>";
} else {
$body .= "<td><a href=\"" . BML::self_link({ 'user' => $u->{'user'}, 'sort' => $col->[1] }) . "\"><b>$col->[0]</b></a></td>";
}
}
}
$body .= "</TR>\n";
foreach my $it (@items)
{
my $val;
my @vals;
## status
$val = $it->{'progress'} . "%<BR>" . LJ::ehtml($it->{'statusline'});
push @vals, $val;
## priority
{
my $color;
if ($it->{'priority'} < 3) { $val = "-"; $color = "#0000C0"; }
if ($it->{'priority'} == 1) { $val = "--"; }
if ($it->{'priority'} > 3) { $val = "!"; $color = "#FF0000"; }
if ($it->{'priority'} == 5) { $val = "!!"; }
$val = $color ? "<FONT FACE=\"Arial,Helvetica\" COLOR=$color><B>$val</B></FONT>" : "&nbsp;";
}
push @vals, $val;
## item & description
{
my $des = LJ::auto_linkify(LJ::ehtml($it->{'des'}));
$val = "<a href=\"item.bml?id=$it->{'todoid'}\"><b>" . LJ::ehtml($it->{'subject'}) . "</b></a><br /><font size='-1'>$des</font>";
push @vals, $val;
}
## due
{
$val = "&nbsp;";
my $due = $it->{'datedue'};
$due =~ s/:00$//;
$due =~ s/00:00$//;
if ($due) {
$val = "<nobr><font size=-1>$due</font></nobr>";
}
push @vals, $val;
}
## categories
{
$val = "";
foreach my $kwid (@{$itemkws{$it->{'todoid'}}}) {
if ($val) { $val .= ", "; }
$val .= $keyword{$kwid}->{'keyword'};
}
$val = $val ? "<font size=-1>$val</font>" : "&nbsp;";
push @vals, $val;
}
## print the row
$body .= "<TR ALIGN=LEFT VALIGN=TOP>\n";
$body .= "<TD><B><INPUT TYPE=CHECKBOX NAME=\"delete_$it->{'todoid'}\"></B></TD>\n" if ($permission{'delete'});
foreach $val (@vals) {
$body .= "<TD>$val</TD>";
}
$body .= "</TR>\n";
}
$body .= "</TABLE>\n";
$body .= "<p><input type=submit value=\"Delete Selected\">" if ($permission{'delete'});
$body .= "</form>";
return;
_code?><?page
title=><?_code return $title; _code?>
body=><?_code return $body; _code?><p><?standout <B>Note:</B> The to-do list system is in beta. We're well aware it has a lot of work needed, and it definitely needs to be documented-- especially the security related things. standout?>
page?><?_c <LJDEP>
form: htdocs/todo/index.bml
post: htdocs/todo/index.bml
link: htdocs/todo/index.bml, htdocs/todo/item.bml
</LJDEP> _c?>

298
livejournal/htdocs/todo/item.bml Executable file
View File

@@ -0,0 +1,298 @@
<?_code
use strict;
use vars qw($title $body %FORM);
LJ::set_active_crumb('addtodo');
my $dbh = LJ::get_db_writer();
$title = "";
$body = "";
my ($sth, $hval, $disabled);
my %permission;
my $u;
my $remote = LJ::get_remote();
if ($FORM{'user'}) {
$u = LJ::load_user($FORM{'user'});
}
my $mode;
my $it;
if ($FORM{'id'} =~ /^\d+$/ && $FORM{'id'}) {
my $id = $FORM{'id'}+0;
my $dbr = LJ::get_db_reader();
$sth = $dbr->prepare("SELECT t.*, up.user AS 'posteruser' FROM todo t, useridmap up WHERE t.posterid=up.userid AND t.todoid=$id");
$sth->execute;
$it = $sth->fetchrow_hashref;
unless ($it) {
$title = "Not found";
$body = "<?h1 Not found h1?><?p The requested to-do item was not found. p?>";
return;
}
$u = LJ::load_userid($it->{'journalid'});
if ($it->{'security'} eq "private") {
unless ($remote && $remote->{'userid'} == $it->{'journalid'}) {
$title = "Sorry...";
$body = "<?h1 Security h1?><?p The requested to-do item is private and can only be viewed by the owner. p?>";
return;
}
}
if ($it->{'security'} eq "friends") {
unless (LJ::is_friend($u, $remote)) {
$title = "Sorry...";
$body = "<?h1 Security h1?><?p The requested to-do item marked 'friends only' by the owner. p?>";
return;
}
}
$sth = $dbh->prepare("SELECT k.keyword FROM todokeyword tk, keywords k WHERE tk.todoid=$id AND tk.kwid=k.kwid ORDER BY k.keyword");
$sth->execute;
my @kws;
push @kws, $_ while ($_ = $sth->fetchrow_array);
$it->{'_cats'} = join(", ", @kws);
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM todo WHERE journalid=$u->{'userid'}");
$sth->execute;
my ($todo_count) = $sth->fetchrow_array;
LJ::Todo::get_permissions($dbh, \%permission, { 'user' => $u,
'remote' => $remote,
'item' => $it });
if ($FORM{'mode'} eq "save") {
unless ($FORM{'subject'} =~ /\S+/) {
$title = "Error";
$body = "<?h1 Need a subject! h1?><?p You can't have a to-do item without a subject. That's the one mandatory field. p?>";
return;
}
my $todoid = $FORM{'id'}+0;
my %q;
foreach my $key (qw(statusline security subject des priority datedue progress)) {
$q{$key} = $dbh->quote($FORM{$key});
}
$q{'datedue'} = $dbh->quote(LJ::html_datetime_decode({ 'name' => 'datedue' }, \%FORM));
if ($todoid) {
unless ($permission{'edit'}) {
$title = "Error";
$body = "<?h1 Permission Denied h1?><?p You don't have permission to edit a to-do item in this journal. p?>";
return;
}
$sth = $dbh->prepare("UPDATE todo SET statusline=$q{'statusline'}, subject=$q{'subject'}, security=$q{'security'}, des=$q{'des'}, priority=$q{'priority'}, datedue=$q{'datedue'}, progress=$q{'progress'}, dateupdate=NOW() WHERE todoid=$todoid");
$sth->execute;
if ($dbh->err) { $title = "Error"; $body = $dbh->errstr; return; }
$title = "Modified";
$body = "<?h1 Success h1?><?p The todo item was modified. You can view it <a href=\"item.bml?id=$todoid\">here</a> or view the <a href=\"./?user=$u->{'user'}\">updated list</a>. p?>";
} else {
unless ($permission{'add'}) {
$title = "Error";
$body .= "<?h1 Permission Denied h1?><?p You don't have permission to add a to-do item to this journal. p?>";
return;
}
## check to see if user's todo list is full
my $max_items = LJ::get_cap($u, "todomax");
if (defined $max_items && $todo_count >= $max_items) {
$title = "Sorry...";
my $atype = "account type";
if ($LJ::HELPURL{'accounttype'}) {
$atype = "<a href=\"$LJ::HELPURL{'accounttype'}\">$atype</a>";
}
$body .= "<?h1 Too many items... h1?><?p Your $atype is limited to $max_items to-do items at a time. p?>";
return;
}
$sth = $dbh->prepare("INSERT INTO todo (todoid, journalid, posterid, ownerid, statusline, security, subject, des, priority, datecreate, dateupdate, datedue, dateclosed, progress) VALUES (NULL, $u->{'userid'}, $remote->{'userid'}, $u->{'userid'}, $q{'statusline'}, $q{'security'}, $q{'subject'}, $q{'des'}, $q{'priority'}, NOW(), NULL, $q{'datedue'}, NULL, $q{'progress'})");
$sth->execute;
if ($dbh->err) { return "<b>db error:</b> " . $dbh->errstr; }
$todoid = $sth->{'mysql_insertid'};
$title = "Added";
$body = "<?h1 Success h1?><?p The todo item was added. You can view it <a href=\"item.bml?id=$todoid\">here</a> or view the <a href=\"./?user=$u->{'user'}\">updated list</a>. p?>";
}
if ($it->{'_cats'} ne $FORM{'categories'})
{
#### we're inserting/replacing now into memories
my @keywords = split(/\s*,\s*/, $FORM{'categories'});
if (scalar(@keywords) > 10) {
$title = "Error";
$body = "<?h1 Error h1?><?p Only 10 categories are allowed per to-do item. p?>";
return;
}
@keywords = grep { s/^\s+//; s/\s+$//; $_; } @keywords;
my @kwid;
foreach my $kw (@keywords) {
if (length($kw) > 20) {
$title = "Error";
$body = "<?h1 Error h1?><?p This category exceeds the maximum allowed size: \"$kw\" p?>";
return;
}
my $kwid = LJ::get_keyword_id($kw);
push @kwid, $kwid;
}
$dbh->do("DELETE FROM todokeyword WHERE todoid=$todoid");
if (@kwid) {
my $sql = "INSERT IGNORE INTO todokeyword (todoid, kwid) VALUES ";
# why IGNORE above? with mysql 3.23.x replication, a
# partial insert (some in, some dup -> fail) causes all
# slaves _not_ replicating that table to stop. fucked
# up, huh? so with IGNORE no error is generated.
$sql .= join(",", map { "($todoid,$_)" } @kwid);
$dbh->do($sql);
}
}
return;
}
if ($FORM{'mode'} eq "add") {
$title = "Add To-Do Item";
$it = { 'todoid' => 0,
'security' => 'public',
'priority' => 3,
'progress' => 0,
'datedue' => '0000-00-00 00:00:00',
'_cats' => $FORM{'cat'},
};
unless ($permission{'add'}) {
$disabled = "DISABLED";
}
my $max_items = LJ::get_cap($u, "todomax");
if (defined $max_items && $todo_count >= $max_items) {
$title = "Sorry...";
my $atype = "account type";
if ($LJ::HELPURL{'accounttype'}) {
$atype = "<a href=\"$LJ::HELPURL{'accounttype'}\">$atype</a>";
}
$body .= "<?h1 Too many items... h1?><?p Your $atype is limited to $max_items to-do items at a time. p?>";
return;
}
} else {
unless ($permission{'edit'}) {
$disabled = "DISABLED";
}
}
$body .= "<FORM METHOD=POST ACTION=\"item.bml\">\n";
$body .= "<INPUT TYPE=HIDDEN NAME=mode VALUE=\"save\">\n";
$body .= "<INPUT TYPE=HIDDEN NAME=user VALUE=\"$u->{'user'}\">\n";
$body .= "<INPUT TYPE=HIDDEN NAME=id VALUE=\"$it->{'todoid'}\">\n";
$body .= "<a href=\"./?user=$u->{'user'}\">&lt;&lt; Back to To-Do List</a>";
if ($FORM{'mode'} eq "add") {
$body .= "<?h1 Add To-Do Item... h1?><?p All you need to fill out is the subject. Everything else is optional. p?>";
} else {
$body .= "<div style='margin-bottom: 20px;'><?h1 To-Do Item \#$it->{'todoid'} h1?></div>";
if ($permission{'edit'}) {
$title = "Edit To-Do Item";
} else {
$title = "View To-Do Item";
}
}
$body .= "<table>";
## subject
$hval = LJ::ehtml($it->{'subject'});
$body .= "<tr><td><b>Subject:</b></td><td><input type=text name=subject value=\"$hval\" size=30 maxlength=40 $disabled>";
$body .= " <b>Priority:</b> ";
$body .= LJ::html_select({ 'name' => 'priority', 'selected' => $it->{'priority'}, 'disabled' => $disabled },
5, "++ High", 4, "+", 3, "Normal", 2, "-", 1, "-- Low");
$body .= "</td></tr>\n";
## des
$hval = LJ::ehtml($it->{'des'});
$body .= "<tr><td><b>Details:</b></td><td><input type=text name=des value=\"$hval\" size=50 maxlength=80 $disabled></td></tr>\n";
## statusline
$hval = LJ::ehtml($it->{'statusline'});
$body .= "<tr><td><b>Status:</b></td><td>";
$body .= "<input type=text name=statusline value=\"$hval\" size=15 maxlength=15 $disabled>";
## progress (percent complete)
$hval = LJ::ehtml($it->{'progress'});
$body .= " <b>Percent Done:</b> <input type=text name=progress value=\"$hval\" size=3 maxlength=3 $disabled>%";
$body .= "</td></tr>\n";
## date due
$body .= "<tr><td><b>Due Date:</b></td><td>";
$body .= LJ::html_datetime({ 'name' => 'datedue', 'default' => $it->{'datedue'}, 'disabled' => $disabled }),
$body .= "</td></tr>";
## categories
$body .= "<tr valign=top><td><b>Categories:</b></td><td>";
$hval = LJ::ehtml($it->{'_cats'});
$body .= "<input type=text name=categories value=\"$hval\" size=60 maxlength=80 $disabled><br><?de Up to 10 comma separated categories de?>";
$body .= "</td></tr>";
## categories
$body .= "<tr valign=top><td><b>Security:</b></td><td>";
{
my $todosec = LJ::get_cap($u, "todosec");
if ($todosec) {
$body .= LJ::html_select({ 'name' => 'security',
'selected' => $it->{'security'},
'disabled' => $disabled },
"public" => "Public",
"private" => "Private",
"friends" => $u->{'journaltype'} eq "C" ? "Community Members" : "Friends");
} else {
$body .= "<input type=hidden name=security value=\"public\">Your account type doesn't permit non-public to-do items.";
}
}
$body .= "</td></tr>";
## poster
if (($u->{'journaltype'} eq "C" || $it->{'posteruser'} != $u->{'user'}) && $it->{'posteruser'}) {
$body .= "<tr><td><b>Poster:</b></td><td><?ljuser $it->{'posteruser'} ljuser?></td></tr>\n";
}
## submit buttton
{
my $permission = 0;
my $action = "";
if ($it->{'todoid'}) { $action = "edit"; } else {
$action = "add";
$title = "Add To-Do Item";
}
$permission = $permission{$action};
if ($permission) {
$body .= "<tr><td><b>Done?</b></td><td>";
$body .= "<INPUT TYPE=SUBMIT VALUE=\"" . ucfirst($action) . "\">\n";
$body .= "</td></tr>\n";
}
}
$body .= "</table>";
$body .= "</FORM>\n";
return;
_code?><?page
title=><?_code return $title; _code?>
body=><?_code return $body; _code?><p><?standout <B>Note:</B> The to-do list system is in beta. We're well aware it has a lot of work needed, and it definitely needs to be documented-- especially the security related things. standout?>
page?><?_c <LJDEP>
link: htdocs/todo/index.bml, htdocs/todo/item.bml
post: htdocs/todo/item.bml
</LJDEP> _c?>