A series of fixes related to stuff I came across
This commit is contained in:
@@ -37,7 +37,7 @@ else {
|
||||
naughty("868d9cc49b2f1e4a9319a8e8755d6189 wrong key type");
|
||||
}
|
||||
|
||||
if ( !in_array($_GET["action"], array('approve','delete','block'), true ) ) {
|
||||
if ( !in_array($_GET["action"], array('publish','approve','delete','block'), true ) ) {
|
||||
naughty("c0ca62c918f9bb0ab72da0cdf2f2e8df wrong action");
|
||||
}
|
||||
else {
|
||||
@@ -81,17 +81,33 @@ if ( $action === 'delete' ) {
|
||||
http_response_code(202);
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
echo json_encode($db);
|
||||
unlink( "${file}" );
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( $action === 'approve' ) {
|
||||
unlink( "${file}" );
|
||||
$db["http_code"] = "200";
|
||||
$db["action"] = "approve";
|
||||
http_response_code(200);
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
echo json_encode($db);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( $action === 'publish' ) {
|
||||
|
||||
$comment = file_get_contents("$file");
|
||||
|
||||
$json = json_decode($comment, true);
|
||||
|
||||
require "/home/hpr/public_html_hub/cms/comment_checks.php";
|
||||
|
||||
$ep_num = mysqli_real_escape_string( $connection, $ep_num );
|
||||
$comment_timestamp_db = mysqli_real_escape_string( $connection, $comment_timestamp_db );
|
||||
$comment_author_name = mysqli_real_escape_string( $connection, $comment_author_name );
|
||||
$comment_title = mysqli_real_escape_string( $connection, $comment_title );
|
||||
$comment_text = mysqli_real_escape_string( $connection,$comment_text );
|
||||
|
||||
// OK I believe you
|
||||
|
||||
if ( strcmp($justification, "No justification is asked for or required.") !== 0 ) {
|
||||
@@ -106,6 +122,7 @@ if ( $action === 'approve' ) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$query_add = "INSERT INTO comments (eps_id,comment_timestamp,comment_author_name,comment_title,comment_text) VALUES ( '{$ep_num}', '{$comment_timestamp_db}', '{$comment_author_name}', '{$comment_title}', '{$comment_text}')";
|
||||
|
||||
$result = mysqli_query($connection, $query_add );
|
||||
@@ -124,12 +141,12 @@ if ( $action === 'approve' ) {
|
||||
if ( empty($db["id"]) ) {
|
||||
naughty("1caead2716fb4e793b11f978eddd7559 could not find the id of the entry. comment_timestamp='$comment_timestamp_db' and comment_author_name='$comment_author_name'");
|
||||
}
|
||||
unlink( "${file}" );
|
||||
$db["http_code"] = "200";
|
||||
$db["action"] = "approve";
|
||||
$db["action"] = "publish";
|
||||
http_response_code(200);
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
echo json_encode($db);
|
||||
unlink( "${file}" );
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
@@ -98,8 +98,9 @@ foreach ($filenames as $filename) {
|
||||
|
||||
<p>
|
||||
<a href=\"https://hub.hackerpublicradio.org/cms/comment_process.php?key=$key&action=block\">Block</a>,
|
||||
<a href=\"https://hub.hackerpublicradio.org/cms/comment_process.php?key=$key&action=delete\">Delete</a>, or
|
||||
<a href=\"https://hub.hackerpublicradio.org/cms/comment_process.php?key=$key&action=approve\">Approve</a>.
|
||||
<a href=\"https://hub.hackerpublicradio.org/cms/comment_process.php?key=$key&action=delete\">Delete</a>,
|
||||
<a href=\"https://hub.hackerpublicradio.org/cms/comment_process.php?key=$key&action=approve\">Approve</a>, or
|
||||
<a href=\"https://hub.hackerpublicradio.org/cms/comment_process.php?key=$key&action=publish\">Publish</a>.
|
||||
</p>
|
||||
|
||||
<pre>
|
||||
|
||||
22
cms/say.php
22
cms/say.php
@@ -35,7 +35,24 @@ else {
|
||||
Header('Content-type: text/tab-separated-values');
|
||||
header("Content-disposition: inline; filename=say.txt");
|
||||
|
||||
$ep_retrieve = "SELECT UNIX_TIMESTAMP(eps.date) AS timestamp, eps.title, eps.duration, eps.summary, hosts.host, eps.hostid, eps.series, eps.license, eps.explicit FROM eps, hosts WHERE hosts.valid = '1' AND id = '$id' AND eps.hostid = hosts.hostid";
|
||||
$ep_retrieve = "SELECT
|
||||
UNIX_TIMESTAMP(eps.date) AS timestamp,
|
||||
eps.title,
|
||||
eps.duration,
|
||||
eps.summary,
|
||||
hosts.host,
|
||||
eps.hostid,
|
||||
eps.series,
|
||||
eps.license,
|
||||
licenses.long_name,
|
||||
eps.explicit
|
||||
FROM
|
||||
eps
|
||||
LEFT JOIN hosts ON eps.hostid = hosts.hostid
|
||||
LEFT JOIN licenses ON licenses.short_name = eps.license
|
||||
WHERE
|
||||
hosts.valid = '1'
|
||||
AND eps.id = '$id'";
|
||||
if ($result = mysqli_query($connection, $ep_retrieve)) {
|
||||
while ($row = mysqli_fetch_array($result)) {
|
||||
$date = $row['timestamp'];
|
||||
@@ -46,6 +63,7 @@ if ($result = mysqli_query($connection, $ep_retrieve)) {
|
||||
$hostid = $row['hostid'];
|
||||
$series = $row['series'];
|
||||
$license = $row['license'];
|
||||
$license_long_name = $row['long_name'];
|
||||
$explicit = $row['explicit'];
|
||||
|
||||
$id = fixid($id);
|
||||
@@ -91,7 +109,7 @@ if ( !empty( $summary ) ) {
|
||||
$HPR_summary = "${HPR_summary}. The summary is. $summary";
|
||||
}
|
||||
if (strcmp($license, "CC-BY-SA" ) !== 0) {
|
||||
$HPR_summary = "${HPR_summary}. Todays show is licensed under a $license license.";
|
||||
$HPR_summary = "${HPR_summary}. Todays show is licensed under a $license_long_name license.";
|
||||
}
|
||||
|
||||
$HPR_summary = str_replace($host,$espeak_name,$HPR_summary);
|
||||
|
||||
Reference in New Issue
Block a user