Changeset 1423
- Timestamp:
- 03/16/07 10:16:26 (2 years ago)
- Files:
-
- feedmelinks/modules/header.inc.php (modified) (1 diff)
- feedmelinks/modules/main-controller.inc.php (modified) (6 diffs)
- feedmelinks/modules/my-recent.inc.php (modified) (1 diff)
- feedmelinks/modules/utils.inc.php (modified) (28 diffs)
- feedmelinks/modules/view-link.inc.php (modified) (1 diff)
feedmelinks/modules/header.inc.php
r1415 r1423 44 44 if( ! $noFAJAX ) { 45 45 ?> 46 <script language="javascript" src=" script/fajax.js"></script>46 <script language="javascript" src="/script/fajax.js"></script> 47 47 <script language="javascript"> 48 48 fml.user = "<%= $u %>"; feedmelinks/modules/main-controller.inc.php
r1336 r1423 23 23 } else if( $op == "makeNewFolderAndSubmit" ) { 24 24 if( $debug ) 25 echo "DEBUG: ADDING <b>$linkName</b> ($url) TO NEW FOLDER $newFolderName<br />\n";25 echo "DEBUG: ADDING <b>$linkName</b> ($url) TO NEW FOLDER $newFolderName<br />\n"; 26 26 if( $url && $linkName ) { 27 27 if( $newFolderName ) { … … 30 30 $name = urlencode( $linkName ); 31 31 $userid = urlencode( $u ); 32 $isPrivate = $isPrivate ? 1 : "NULL";32 $isPrivate = ($isPrivate && $isPrivate != "NULL" && $isPrivate!= "0" && isPrivate != "no" ) ? 1 : 0; 33 33 34 34 # first we create the new category … … 41 41 42 42 # then we add the link: 43 $q = addLinkSimple( $url, $name, $userid, $isPrivate );43 $q = addLinkSimple( $url, $name, $userid, $isPrivate, ($from = $from ? $from : "makeNewFolderAndSubmit") ); 44 44 if( $q ) { 45 45 echo "link added!<br />\n"; … … 78 78 } 79 79 $userid = urlencode( $u ); 80 $isPrivate = $isPrivate ? 1 : "NULL";80 $isPrivate = ($isPrivate && $isPrivate != "NULL" && $isPrivate!= "0" && isPrivate != "no" ) ? 1 : 0; 81 81 $options = ""; # not yet implemented 82 82 … … 86 86 --> 87 87 <?php 88 $q = addLinkSimple( $url, $name, $userid, $isPrivate );88 $q = addLinkSimple( $url, $name, $userid, $isPrivate, ($from = $from ? $from : "main-controller-submit") ); 89 89 if( $q ) { 90 90 echo "link added!<br />\n"; … … 153 153 $createDate = urlencode( $createDate ); 154 154 $userid = urlencode( $u ); 155 $isPrivate = $isPrivate ? 1 : "NULL";155 $isPrivate = ($isPrivate && $isPrivate != "NULL") ? 1 : 0; 156 156 157 157 $qs = "REPLACE INTO links VALUES($id, '$url', '$name', '$createDate', NULL, '$userid', $groupid, $isPrivate);"; feedmelinks/modules/my-recent.inc.php
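Review bot: In main-controller.inc.php the new normalisation at lines 32 and 80 compares the bare word `isPrivate` (no `$`) with "no"; PHP reads that as the string 'isPrivate', so the clause is always true and a submitted value of "no" is stored as private. Both places should read `$isPrivate != "no"`. The third copy at line 155 now writes 0 rather than NULL into the `REPLACE INTO links` statement, while several queries in utils.inc.php on this page select public links with `isPrivate IS NULL`, so an edited public link would drop out of those results. The enclosing branches start and end outside these hunks.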
r1388 r1423 61 61 <?= makeLink( $id, "/t/$id", urldecode( mysql_result($q,$i,"name")), $url, "", "" ) ?> 62 62 <?= makePermaLink( $id ) ?> 63 <?= makeDeleteLink( $id ) ?> 63 64 <?php echo "\n"; ?> <div style="text-align: right;"> 64 65 <?php $cats = getShortCategoriesForLinkAsHTML( $id, $u, 0, 0 ); ?> <?= $cats ? "in: $cats" : "(<a href='/f/unfiled'>" . getUnCattedName() . "</a>)" ?> feedmelinks/modules/utils.inc.php
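Review bot: The `makeDeleteLink( $id )` call added at line 63 of my-recent.inc.php puts a delete control on every row, and its implementation is not visible in this changeset. If it renders a plain anchor, deletion becomes a state change on GET, which a third-party page or a link prefetcher can trigger for a logged-in user. The handler should accept POST only, check a per-session token, and verify that the link belongs to the current user. A comment here such as `# delete handler must verify ownership and a CSRF token` would record that expectation.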
r1410 r1423 11 11 define( "IDLENESS", 1 ); 12 12 define( "SPAMMING", 2 ); 13 14 function get_links_tagged_for_me( $user ) { 15 $links = array(); 16 $qs = getQuery( "links_tagged_for_me", "$user" ); 17 $q = run_query( $qs ); 18 $c = mysql_num_rows($q); 19 echo "<p>$user has " . ($c ? $c : 0 ) . " links tagged!</p>"; 20 while( $row = mysql_fetch_assoc( $q )) { 21 $ID = urldecode( $row["ID"] ); 22 $name = urldecode( $row["name"] ); 23 $links[$ID] = $name; 24 } 25 return $links; 26 } 13 27 14 28 function has_me_as_a_peep( $them, $me ) { … … 100 114 } 101 115 116 function encode_for_xml( $s ) { 117 if( ! $s ) 118 return; 119 return preg_replace( "/_FML_AMP_/", "&", preg_replace( "/_FML_EQUALS_/", "=", urlencode( preg_replace( "/&/", "_FML_AMP_", preg_replace( "/=/", "_FML_EQUALS_", $s ))))); 120 } 121 102 122 function encode_url_for_xml( $url ) { 103 123 $pieces = explode("?", $url); 104 return count( $pieces ) > 1 ? $pieces[0] . "?" . preg_replace( "/_FML_AMP_/", "&", preg_replace( "/_FML_EQUALS_/", "=", urlencode( preg_replace( "/&/", "_FML_AMP_", preg_replace( "/=/", "_FML_EQUALS_", $pieces[1] ))))) : $url; 124 return count( $pieces ) > 1 ? $pieces[0] . "?" . 
encode_for_xml( $pieces[1] ) : $url; 125 } 126 127 function encode_as_text_node( $s ) { 128 # %C3%A5 129 130 return encodeAmps( $s ); 131 # the five legal builtin XML entities: 132 return preg_replace( "/&amp;/", "&", o( $s )); # FIXME: if this is breaking elsewhere then that's a sign that we need to move the amo escaping into o() 133 if( 134 preg_match( "/&[^a][^m][^p][^;]/", $s ) 135 || preg_match( "/&[^q][^u][^o][^t][^;]/", $s ) 136 || preg_match( "/&[^a][^p][^o][^s][^;]/", $s ) 137 || preg_match( "/&[^l][^t][^;]/", $s ) 138 || preg_match( "/&[^g][^t][^;]/", $s ) 139 ) 140 $s = encodeAmps( $s ); 141 return utf8_encode( $s ); 105 142 } 106 143 … … 416 453 } 417 454 418 function re_enable_user( $u ) { 419 notify_returning( $u ); 420 return( get_simple_rs( getQuery( "re-enable_user", $u ))); 455 function re_enable_user( $u, $manual = false ) { 456 if( ! $u || user_enabled( $u )) 457 return 0; 458 notify_returning( $u, $manual ); 459 return( run_query( getQuery( "re-enable_user", $u ))); 421 460 } 422 461 … … 472 511 function report_spammer( $alleged_spammer, $reporter ) { 473 512 $reporter = $reporter ? $reporter : "anonymous"; 474 log_mesg_to( get_ip() . ": $reporter reported $alleged_spammer as a spammer", "security" );513 log_mesg_to( "[spammer reported] $alleged_spammer reported by $reporter, " . get_ip(), "security" ); 475 514 $body = "$alleged_spammer was reported as a spammer (gasp!). 476 515 http://feedmelinks.com/u/$alleged_spammer … … 554 593 $q = run_query( getQuery( "snuff_user", $user )); 555 594 556 log_mesg_to( get_ip() . ": " . get_user() . " snuffed out user $user", "security" );595 log_mesg_to( "[snuffed] $user by " . get_user(), "security" ); 557 596 echo get_snuffed_mesg(); 558 597 ?> … … 741 780 } 742 781 743 function notify_returning( $u ) {782 function notify_returning( $u, $manual = false ) { 744 783 $site = get_site(); 745 $body = "Hello $u -- welcome back! We're stoked that you've decided to keep using Feed Me Links. 
784 if( $manual ) { 785 $body = "Hi $u. This is the Feed Me Links Robot speaking. 786 787 I want to apologize on behalf of jm3 for his hairbrained scheme to rid Feed Me Links of spammers. This same scheme, which has overall, worked quite well, also inadvertently expired the accounts of a few legitimate users without warning. Including yours. :-( 788 789 Although no data was lost and no links were disabled, this was quite an embarassing turn of events for us, and very inconvenient for those users whose accounts were expired. We are manually verifying and renabling each legitimate account right now. 790 791 Your account has been re-enabled, and for reference purposes, your password is: " . getPasswdForUser( $u ) ." 792 793 If you would like to re-set your account password, just click here: $site/account 794 795 Thank you, and welcome [back] to Feed Me Links. 796 If you have any questions or concerns, feel free to email me (jm3) directly at jm3@feedmelinks.com 797 798 -- 799 800 The Feed Me Links Robot"; 801 } else { 802 $body = "Hello $u -- welcome back! We're stoked that you've decided to keep using Feed Me Links. 746 803 747 804 You can start using Feed Me Links immediately; your current account password is: " . getPasswdForUser( $u ) ." … … 753 810 754 811 The Feed Me Links Robot"; 812 } 755 813 $headers = get_mail_headers(); 756 814 $to = getEmailAddressForUser( $u ); 757 815 $success = mail( $to, "Welcome back to Feed Me Links!", $body, $headers); 758 816 if( $success ) 759 log_mesg_to( "sent welcome back mail to $to", "mail" );817 log_mesg_to( "sent " . ($manual ? "[MANUAL] " : "" ) . "welcome back mail to $to", "mail" ); 760 818 return $success; 761 819 } … … 1093 1151 1094 1152 $qs = getQuery( "add_new_category_xref", $newLinkID, $catNum ); 1095 if( $debug )1096 echo "DEBUG: $qs";1097 1153 $q = mysql_query( $qs ); 1098 1154 if( ! $q ) { 1099 1155 $e = mysql_error($con); 1100 1156 $tok = get_mysql_dupe_error(); 1101 if( ! 
strstr( $e, $tok)) {1157 if( $e && (!strstr( $e, $tok))) { 1102 1158 %> 1103 1159 <div class="attention warning"> … … 1105 1161 Error was: <%= $e %> 1106 1162 </div> 1107 < %1163 <?php 1108 1164 break; 1109 1165 } else { … … 1122 1178 1123 1179 function dumpParams() { 1124 %>1125 < %1180 ?> 1181 <?php 1126 1182 foreach( $_GET as $pname => $pval ) { e( $pname . " = " . $pval ); } 1127 1183 e( "" ); 1128 1184 foreach( $_POST as $pname => $pval ) { e( $pname . " = " . $pval ); } 1129 %> 1130 <% 1131 } 1185 ?> 1186 <?php 1187 } 1188 1189 function similar_to_recent( $url ) { 1190 return false; # FIXME 1191 } 1132 1192 1133 1193 # search to see if the URL exists anywhere public 1134 1194 function link_exists( $url ) { 1135 $qs = getQuery( "get_id_for_existing_link", $url ); 1136 $q = mysql_query( $qs ); 1195 $q = mysql_query( getQuery( "get_id_for_existing_link", $url )); 1137 1196 if( $q && mysql_num_rows($q) ) 1138 1197 return mysql_result( $q, 0, "id" ); … … 1279 1338 1280 1339 function fatal( $m ) { 1281 l ( "FATAL ERROR.", $m);1340 log_mesg_to( "[FATAL ERROR] $m", "global" ); 1282 1341 return tell( "Darn! ", $m ); 1283 1342 } … … 1683 1742 1684 1743 function get_peeps_feed( $user, $user_key ) { 1685 #echo "<br>";1686 #echo "user is: $user<br>";1687 #echo "user_key is: $user_key<br>";1688 #echo "get_feed_key($user) is: " . get_feed_key( $user ) . "<br>";1689 #echo "<br>";1690 1744 $users = get_someone_elses_contacts( $user ); 1691 #print_r( $users );1692 #echo "<br>";1693 1745 if( ! $user || $user_key != get_feed_key( $user )) { 1694 1746 echo "no user or invalid key."; … … 1697 1749 } 1698 1750 1699 #echo "no done yet!!!<br>";1700 1751 $users = get_someone_elses_contacts( $user ); 1701 1752 Header( "Content-type: Text/XML" ); … … 2396 2447 SELECT * FROM tags WHERE name = 'private' AND userid = '" . urlencode( $args[1] ) . 
"';"; 2397 2448 2449 } else if( $argWhichQuery == "links_tagged_for_me" ) { 2450 $me = urlencode( $args[1] ); 2451 return " 2452 SELECT * FROM tags, links, links_tags_xref WHERE tags.name = 'for:$me' AND links_tags_xref.tagID = tags.ID AND links_tags_xref.linkID = links.ID AND (links.isPrivate is NULL OR links.isPrivate = 0) LIMIT 15;"; 2453 2398 2454 } else if( $argWhichQuery == "rude_solo_im_name" ) { 2399 2455 return " … … 2451 2507 return " 2452 2508 INSERT INTO spam_IPs VALUES ( '" . urlencode($args[1]) . "', '" . urlencode($args[2]) . "', '" . urlencode($args[3]) . "', NULL, NULL ) "; 2509 2510 } else if( $argWhichQuery == "add_spammer_domain" ) { 2511 return " 2512 INSERT INTO spam_domains VALUES ( NULL, '" . urlencode($args[1]) . "');"; 2453 2513 2454 2514 } else if( $argWhichQuery == "links_per_user" ) { … … 2464 2524 SELECT * FROM tags WHERE userId = '" . urlencode($args[1]) . "' ORDER BY name ASC;"; 2465 2525 2526 } else if( $argWhichQuery == "recent_public" ) { 2527 return " 2528 SELECT ID, name, url, createDate, userid FROM links WHERE IsPrivate IS NULL ORDER BY ID DESC LIMIT " . mysql_real_escape_string($args[1]) . ";"; 2529 2530 } else if( $argWhichQuery == "simple_recent_for_user" ) { 2531 return " 2532 SELECT ID, name, url, createDate FROM links WHERE IsPrivate IS NULL AND userid = '" . urlencode($args[2]) . "' ORDER BY ID DESC LIMIT " . mysql_real_escape_string($args[1]) . ";"; 2533 2466 2534 } else if( $argWhichQuery == "most_recent_link_for_user" ) { 2467 2535 return " … … 2513 2581 2514 2582 } else if( $argWhichQuery == "get_id_for_existing_link" ) { 2515 return "SELECT id FROM links WHERE url = '" . urlencode( $args[1] ) . 
"' AND isPrivate IS NULL;"; 2583 $url = urlencode( $args[1] ); 2584 $without_slash = preg_replace( "/%2F$/", "", $url ); 2585 return "SELECT id FROM links WHERE (LOWER(url) = LOWER('$url') OR LOWER(url) = LOWER('$without_slash')) AND isPrivate IS NULL;"; 2516 2586 2517 2587 } else if( $argWhichQuery == "tag" ) { … … 2569 2639 2570 2640 } else if( $argWhichQuery == "add_link" ) { 2571 if( $args[4] == "NULL" || !$args[4] ) 2572 run_heuristics( $argWhichQuery, $args[3], array( "url" => $args[1], "name" => $args[2] )); # TODO: it May be a problem that we're not passing the tags too... 2573 return " 2574 INSERT INTO links VALUES(NULL,'" . urlencode( $args[1] ) . "','" . urlencode(escapeQuotes($args[2])) . "', NULL, NULL,'" . urlencode( $args[3] ) . "', NULL, " . $args[4] . ");"; 2641 $isPrivate = $args[4]; 2642 if( !$isPrivate && $isPrivate != "checked" ) 2643 run_heuristics( $argWhichQuery, $args[3], array( "url" => $args[1], "name" => $args[2], "from" => $args[5] )); # TODO: it May be a problem that we're not passing the tags too... 2644 $isPrivate = ($isPrivate == 0) ? "NULL" : 1; 2645 $qs = " 2646 INSERT INTO links VALUES(NULL,'" . urlencode( $args[1] ) . "','" . urlencode(escapeQuotes($args[2])) . "', NULL, NULL,'" . urlencode( $args[3] ) . 
"', NULL, $isPrivate);"; 2647 return $qs; 2575 2648 2576 2649 } else if( $argWhichQuery == "add_tag" ) { … … 2640 2713 function encodeAmps( $argS ) { 2641 2714 # replace any unescaped ampersands 2642 return preg_replace( "/ (&)([^(amp;)])/", "&$2", $argS);2715 return preg_replace( "/</", "<", preg_replace( "/>/", ">", preg_replace( "/(&)([^(amp;)])/", "&$2", $argS ))); 2643 2716 } 2644 2717 … … 3015 3088 # judge, jury, and executioner 3016 3089 function isJJE( $u ) { 3017 if( $u == "jm3" || $u == get_bot_ user() )3090 if( $u == "jm3" || $u == get_bot_puppetmaster_user() ) 3018 3091 return true; 3019 3092 else … … 3022 3095 3023 3096 function isSuperUser( $u ) { 3024 if( $u == "jm3" || $u == "pheezy" || $u == get_bot_ user() )3097 if( $u == "jm3" || $u == "pheezy" || $u == get_bot_puppetmaster_user() ) 3025 3098 return 1; 3026 3099 else … … 3381 3454 if( $num_rows > 1 ) { 3382 3455 #disabled because it got too noisy: 3383 log_mesg_to( " $ip: potential spammer $argUserId ($argEmail) creating multiple accounts from the same IP", "security" );3456 log_mesg_to( "[account creation attempt] $argUserId, $argEmail, $ip", "security" ); 3384 3457 $q = run_query( getQuery( "log_ip", $argUserId, $argEmail, $ip )); 3385 3458 return; … … 3511 3584 } 3512 3585 3513 function addLinkSimple( $argUrl, $argName, $argSubmitter, $isPrivate = "NULL", $debug = 0 ) {3586 function addLinkSimple( $argUrl, $argName, $argSubmitter, $isPrivate, $from, $debug = 0 ) { 3514 3587 if( !( $argUrl && $argName && $argSubmitter )) 3515 3588 return 0; … … 3522 3595 if( get_tag_to_link_ratio( $argSubmitter ) > get_max_ttl_ratio() ) { # this could be contraversial 3523 3596 $isPrivate = 1; 3524 log_mesg_to( get_ip() . ": privatizing new link from $argSubmitterdue to T:L ratio", "security" );3597 log_mesg_to( "[privatize new link from spammer] $argSubmitter, " . get_ip() . 
", via:$from due to T:L ratio", "security" ); 3525 3598 } 3526 3599 3527 $qs = getQuery( "add_link", $argUrl, $argName, $argSubmitter, $isPrivate );3600 $qs = getQuery( "add_link", $argUrl, $argName, $argSubmitter, $isPrivate, $from ); 3528 3601 if( $debug ) 3529 3602 echo "qs: $qs<br>"; 3530 3603 $q = mysql_query( $qs ); 3531 3604 $id = $q ? mysql_insert_id() : 0; 3605 log_mesg_to( "[$from] (" . ($isPrivate ? "private" : "public") . ") $argUrl, $argName, $argSubmitter", "links" ); 3532 3606 conClose(); 3533 3607 return $id; … … 3535 3609 3536 3610 # deprecated; call addLinkSimple() instead 3537 function addLink( $argUrl, $argName, $argSubmitter, $argFolderId, $argPrivate, $ argOptions ) {3611 function addLink( $argUrl, $argName, $argSubmitter, $argFolderId, $argPrivate, $from, $argOptions ) { 3538 3612 if( !( $argUrl && $argName && $argSubmitter )) 3539 3613 return 0; … … 3542 3616 return 0; # FIXME: signal this error back to the user!!!! 3543 3617 3544 $q = addLinkSimple( urldecode( $argUrl ), urldecode( $argName ), urldecode( $argSubmitter ) ); 3618 log_mesg_to( "[$from] $argUrl, $argName, $argSubmitter, $argPrivate", "links" ); 3619 $q = addLinkSimple( urldecode( $argUrl ), urldecode( $argName ), urldecode( $argSubmitter ), $argPrivate, $from ); 3545 3620 return $q; 3546 3621 } … … 4052 4127 4053 4128 function get_tag_IDs_as_string( $argId, $argUserId ) { 4054 if( $argId && $argUserId ) { 4055 return( implode( ", ", getCategoriesForLink( $argId ))); 4056 } 4129 if( $argId && $argUserId ) 4130 return( implode( ", ", get_tags( $argId, $argUserId ))); 4131 } 4132 4133 # consistency wrapper 4134 function get_tag_names_as_string( $argId, $argUserId ) { 4135 if( $argId && $argUserId ) 4136 return( implode( ", ", get_tag_names( $argId, $argUserId ))); 4057 4137 } 4058 4138 … … 4068 4148 $cats = preg_replace( "/a> /", "a> ", $cats ); 4069 4149 return $cats; 4150 } 4151 4152 # deprecated, call get_tags() instead 4153 function getCategoriesForLink( $link_ID, $user ) { 
4154 return get_tags( $link_ID, $user ); 4155 } 4156 4157 function get_tags( $link_ID, $user ) { 4158 return get_tag_names( $link_ID, $user ); 4070 4159 } 4071 4160 feedmelinks/modules/view-link.inc.php
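Review bot: In the `add_link` branch of getQuery() (new lines 2641-2647) the final `$isPrivate = ($isPrivate == 0) ? "NULL" : 1;` is a loose comparison, and on PHP versions before 8 a non-numeric string such as "checked" compares equal to 0, so a link flagged private that way is inserted with NULL, i.e. public, while run_heuristics() has already been skipped for it. The preceding test anticipates the value "checked", and the deprecated addLink() passes `$argPrivate` through without normalising it, so the path looks reachable. Decide on truthiness instead: `$isPrivate = ( $isPrivate && $isPrivate != "NULL" ) ? 1 : "NULL";`. getQuery() begins and ends outside the hunk.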
r1397 r1423 71 71 <div ftype="name" fid="<%= $l %>"> 72 72 <a 73 class="biglink" title=" Click to view"73 class="biglink" title="<?= $name ?>" 74 74 onMouseOver="window.status='<?= $link ?>'; return true;" 75 75 onMouseOut="window.status=''; return true;"
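Review bot: The new `title="<?= $name ?>"` at line 73 of view-link.inc.php writes `$name` into a double-quoted attribute without escaping, so a name containing `"` ends the attribute and the rest is parsed as markup. If `$name` is the user-supplied link name (likely, but not shown here), emit it as `title="<?= htmlspecialchars( $name, ENT_QUOTES ) ?>"`. The `window.status='<?= $link ?>'` context line just below has the same gap inside a JavaScript string within an attribute and needs escaping for that context as well.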