prepare("SELECT t.*, up.user AS 'posteruser' FROM todo t, useridmap up WHERE t.posterid=up.userid AND t.todoid=$id"); $sth->execute; $it = $sth->fetchrow_hashref; unless ($it) { $title = "Not found"; $body = ""; return; } $u = LJ::load_userid($it->{'journalid'}); if ($it->{'security'} eq "private") { unless ($remote && $remote->{'userid'} == $it->{'journalid'}) { $title = "Sorry..."; $body = ""; return; } } if ($it->{'security'} eq "friends") { unless (LJ::is_friend($u, $remote)) { $title = "Sorry..."; $body = ""; return; } } $sth = $dbh->prepare("SELECT k.keyword FROM todokeyword tk, keywords k WHERE tk.todoid=$id AND tk.kwid=k.kwid ORDER BY k.keyword"); $sth->execute; my @kws; push @kws, $_ while ($_ = $sth->fetchrow_array); $it->{'_cats'} = join(", ", @kws); } $sth = $dbh->prepare("SELECT COUNT(*) FROM todo WHERE journalid=$u->{'userid'}"); $sth->execute; my ($todo_count) = $sth->fetchrow_array; LJ::Todo::get_permissions($dbh, \%permission, { 'user' => $u, 'remote' => $remote, 'item' => $it }); if ($FORM{'mode'} eq "save") { unless ($FORM{'subject'} =~ /\S+/) { $title = "Error"; $body = ""; return; } my $todoid = $FORM{'id'}+0; my %q; foreach my $key (qw(statusline security subject des priority datedue progress)) { $q{$key} = $dbh->quote($FORM{$key}); } $q{'datedue'} = $dbh->quote(LJ::html_datetime_decode({ 'name' => 'datedue' }, \%FORM)); if ($todoid) { unless ($permission{'edit'}) { $title = "Error"; $body = ""; return; } $sth = $dbh->prepare("UPDATE todo SET statusline=$q{'statusline'}, subject=$q{'subject'}, security=$q{'security'}, des=$q{'des'}, priority=$q{'priority'}, datedue=$q{'datedue'}, progress=$q{'progress'}, dateupdate=NOW() WHERE todoid=$todoid"); $sth->execute; if ($dbh->err) { $title = "Error"; $body = $dbh->errstr; return; } $title = "Modified"; $body = "here or view the {'user'}\">updated list. 
p?>"; } else { unless ($permission{'add'}) { $title = "Error"; $body .= ""; return; } ## check to see if user's todo list is full my $max_items = LJ::get_cap($u, "todomax"); if (defined $max_items && $todo_count >= $max_items) { $title = "Sorry..."; my $atype = "account type"; if ($LJ::HELPURL{'accounttype'}) { $atype = "$atype"; } $body .= ""; return; } $sth = $dbh->prepare("INSERT INTO todo (todoid, journalid, posterid, ownerid, statusline, security, subject, des, priority, datecreate, dateupdate, datedue, dateclosed, progress) VALUES (NULL, $u->{'userid'}, $remote->{'userid'}, $u->{'userid'}, $q{'statusline'}, $q{'security'}, $q{'subject'}, $q{'des'}, $q{'priority'}, NOW(), NULL, $q{'datedue'}, NULL, $q{'progress'})"); $sth->execute; if ($dbh->err) { return "db error: " . $dbh->errstr; } $todoid = $sth->{'mysql_insertid'}; $title = "Added"; $body = "here or view the {'user'}\">updated list. p?>"; } if ($it->{'_cats'} ne $FORM{'categories'}) { #### we're inserting/replacing now into memories my @keywords = split(/\s*,\s*/, $FORM{'categories'}); if (scalar(@keywords) > 10) { $title = "Error"; $body = ""; return; } @keywords = grep { s/^\s+//; s/\s+$//; $_; } @keywords; my @kwid; foreach my $kw (@keywords) { if (length($kw) > 20) { $title = "Error"; $body = ""; return; } my $kwid = LJ::get_keyword_id($kw); push @kwid, $kwid; } $dbh->do("DELETE FROM todokeyword WHERE todoid=$todoid"); if (@kwid) { my $sql = "INSERT IGNORE INTO todokeyword (todoid, kwid) VALUES "; # why IGNORE above? with mysql 3.23.x replication, a # partial insert (some in, some dup -> fail) causes all # slaves _not_ replicating that table to stop. fucked # up, huh? so with IGNORE no error is generated. 
$sql .= join(",", map { "($todoid,$_)" } @kwid); $dbh->do($sql); } } return; } if ($FORM{'mode'} eq "add") { $title = "Add To-Do Item"; $it = { 'todoid' => 0, 'security' => 'public', 'priority' => 3, 'progress' => 0, 'datedue' => '0000-00-00 00:00:00', '_cats' => $FORM{'cat'}, }; unless ($permission{'add'}) { $disabled = "DISABLED"; } my $max_items = LJ::get_cap($u, "todomax"); if (defined $max_items && $todo_count >= $max_items) { $title = "Sorry..."; my $atype = "account type"; if ($LJ::HELPURL{'accounttype'}) { $atype = "$atype"; } $body .= ""; return; } } else { unless ($permission{'edit'}) { $disabled = "DISABLED"; } } $body .= "
\n"; $body .= "\n"; $body .= "{'user'}\">\n"; $body .= "{'todoid'}\">\n"; $body .= "{'user'}\"><< Back to To-Do List"; if ($FORM{'mode'} eq "add") { $body .= ""; } else { $body .= "
{'todoid'} h1?>
"; if ($permission{'edit'}) { $title = "Edit To-Do Item"; } else { $title = "View To-Do Item"; } } $body .= ""; ## subject $hval = LJ::ehtml($it->{'subject'}); $body .= "\n"; ## des $hval = LJ::ehtml($it->{'des'}); $body .= "\n"; ## statusline $hval = LJ::ehtml($it->{'statusline'}); $body .= "\n"; ## date due $body .= ""; ## categories $body .= ""; ## categories $body .= ""; ## poster if (($u->{'journaltype'} eq "C" || $it->{'posteruser'} != $u->{'user'}) && $it->{'posteruser'}) { $body .= "\n"; } ## submit buttton { my $permission = 0; my $action = ""; if ($it->{'todoid'}) { $action = "edit"; } else { $action = "add"; $title = "Add To-Do Item"; } $permission = $permission{$action}; if ($permission) { $body .= "\n"; } } $body .= "
Subject:"; $body .= " Priority: "; $body .= LJ::html_select({ 'name' => 'priority', 'selected' => $it->{'priority'}, 'disabled' => $disabled }, 5, "++ High", 4, "+", 3, "Normal", 2, "-", 1, "-- Low"); $body .= "
Details:
Status:"; $body .= ""; ## progress (percent complete) $hval = LJ::ehtml($it->{'progress'}); $body .= " Percent Done: %"; $body .= "
Due Date:"; $body .= LJ::html_datetime({ 'name' => 'datedue', 'default' => $it->{'datedue'}, 'disabled' => $disabled }), $body .= "
Categories:"; $hval = LJ::ehtml($it->{'_cats'}); $body .= "
"; $body .= "
Security:"; { my $todosec = LJ::get_cap($u, "todosec"); if ($todosec) { $body .= LJ::html_select({ 'name' => 'security', 'selected' => $it->{'security'}, 'disabled' => $disabled }, "public" => "Public", "private" => "Private", "friends" => $u->{'journaltype'} eq "C" ? "Community Members" : "Friends"); } else { $body .= "Your account type doesn't permit non-public to-do items."; } } $body .= "
Poster:{'posteruser'} ljuser?>
Done?"; $body .= "\n"; $body .= "
"; $body .= "
\n"; return; _code?> body=>

Note: The to-do list system is in beta. We're well aware that it still needs a lot of work, and it definitely needs to be documented -- especially the security-related things. standout?> page?> link: htdocs/todo/index.bml, htdocs/todo/item.bml post: htdocs/todo/item.bml _c?>