#!/usr/bin/perl require 5.004; use strict; use CGI::Carp qw(fatalsToBrowser); use CGI; use EdcomLib::SQL; use EdcomLib::Tables; use EdcomLib::EdcomLib; use EdcomLib::Auth; use EdcomLib::Time; $CGI::POST_MAX=1024 * 50; $CGI::DISABLE_UPLOADS = 1; my $q = new CGI; my $p = new EdcomLib::EdcomLib; my $t = new EdcomLib::Tables; my $auth = new EdcomLib::Auth; my $time = new EdcomLib::Time; my $s = new EdcomLib::SQL; $s->connect( { 'pass' => 'qudc79' } ); if(! $auth->auth()) { print $q->header(); } # comment deletion code # without sufficient privileges a user doesn't even know this exists # 00 6 25 # Half of this doesn't work at all right now -- Fix it if($q->param('del') eq '1' and $auth->checkaccess() >= $auth->fetchreq('Administrator')) { if($q->param('parent') eq '0' or $q->param('parent') eq '') { $s->sql("DELETE FROM thread_updates WHERE tid = ?",$q->param('tid')) if($q->param('tid') ne ''); $s->sql("DELETE FROM recent_threads WHERE tid = ?",$q->param('tid')) if($q->param('tid') ne ''); my $aref = $s->sql( "SELECT uid,cid FROM msgcomments WHERE cid = ?", $q->param('cid') ) if $q->param('cid') ne ''; if($aref->[0]->{'uid'} ne '0') { $s->sql( "DELETE FROM recent_posts WHERE uid = ? AND cid = ?", $aref->[0]->{'uid'},$q->param('cid') ); } } delete_comments($q->param('cid')) if $q->param('cid') ne ''; $s->sql("DELETE FROM msgcomments WHERE cid = ?",$q->param('cid')) if($q->param('cid') ne ''); } if($q->param('bid') ne '') { displaycomments(); } else { displayboards(); } sub displaycomments { my $h; my $aref = $s->sql( "SELECT bid,name,description,layout_t,msg_t FROM msgboards WHERE bid = ?", $q->param('bid') ); $h = $aref->[0]; $h->{'parent'} = ($q->param('parent') or '0'); $h->{'cid'} = ($q->param('cid') or ''); $h->{'tid'} = ($q->param('tid') or ''); if($q->param('mon') eq '0' and $h->{'bid'} and $h->{'parent'} eq '0' and $h->{'tid'}) { my $aref = $s->sql( "UPDATE recent_threads SET track = ? WHERE uid = ? AND tid = ?", 'n',$auth->fetchuseruid(),$h->{'tid'} ); } if($auth->fetchuseruid() and $h->{'bid'} and $h->{'parent'} eq '0' and $h->{'tid'}) { my $aref = $s->sql( "SELECT uid,tid,track FROM recent_threads WHERE uid = ? AND tid = ?", $auth->fetchuseruid(),$h->{'tid'} ); if(@$aref == 1 and $aref->[0]->{'track'} ne 'n') { $s->sql( "UPDATE recent_threads SET ts = ? WHERE uid = ? AND tid = ?", $time->now_to_dbdate(),$auth->fetchuseruid(), $h->{'tid'} ); } elsif(@$aref == 0) { my $aref = $s->sql( "SELECT track_default FROM userinfo WHERE uid = ?", $auth->fetchuseruid() ); if($aref->[0]->{'track_default'} eq '') { $aref->[0]->{'track_default'} = 'y'; } $s->sql( "INSERT INTO recent_threads VALUES(?,?,?,?)", $auth->fetchuseruid(),$h->{'tid'}, $time->now_to_dbdate(),$aref->[0]->{'track_default'} ); } } print $p->parse( $t->getheb($aref->[0]->{'layout_t'}), $h ); } sub displayboards { my %h = (); my $aref = $s->sql( "SELECT bid,name,description,layout_t,msg_t FROM msgboards ORDER BY name", ); for(my $x = 0; $x < @$aref; $x++) { my $h = $aref->[$x]; # Prepare tokens for cs_boardentry $h->{'msgboard_link'} = $t->fetchvalue('lib_cgiwebpath') ."/msgboard.pl?bid=$aref->[$x]->{'bid'}&parent="; $h{'board_list'} .= $p->parse( $t->getheb('cs_boardentry'), $h ); } print $p->parse( $t->getheb('cs_boardlist'), \%h ); } # administration function to allow deleting of comments when browsing # the tree. # Moderation of the board would probably occur in a similar fashion sub delete_comments { my $cid = shift; my $aref = $s->sql( "SELECT cid,parent,uid FROM msgcomments WHERE parent = ?", $cid ); for(my $x = 0; $x < @$aref; $x++) { delete_comments($aref->[$x]->{'cid'}); my $ref = $s->sql( "SELECT uid,cid FROM msgcomments WHERE cid = ?", $aref->[$x]->{'cid'} ); if($ref->[0]->{'uid'} ne '0') { $s->sql( "DELETE FROM recent_posts WHERE uid = ? AND cid = ?", $ref->[0]->{'uid'},$aref->[$x]->{'cid'} ); } $s->sql("DELETE FROM msgcomments WHERE cid = ?",$aref->[$x]->{'cid'}); } }