tinycm annotate plugins/blog/blog.cgi @ rev 31
Small fixes to activity and security
author | Christophe Lincoln <pankso@slitaz.org> |
---|---|
date | Mon Jan 06 18:47:03 2014 +0000 (2014-01-06) |
parents | de9aeda8602a |
children | 6cdac384354c |
rev | line source |
---|---|
pankso@27 | 1 #!/bin/sh |
pankso@27 | 2 # |
pankso@27 | 3 # TinyCM Plugin - Blog |
pankso@27 | 4 # |
pankso@27 | 5 . /usr/lib/slitaz/httphelper |
pankso@27 | 6 |
pankso@27 | 7 blog="$tiny/$content/blog" |
pankso@27 | 8 |
pankso@27 | 9 # Blog tools |
pankso@27 | 10 blog_tools() { |
pankso@27 | 11 cat << EOT |
pankso@27 | 12 <div id="tools"> |
pankso@27 | 13 <a href="$script?blogedit&d=new">$(gettext "New post")</a> |
pankso@27 | 14 <a href="$script?dashboard">Dashboard</a> |
pankso@27 | 15 $([ "$index" == "blog" ] && echo "<a href='$script?d=index'>Index</a>") |
pankso@27 | 16 $([ "$HG" == "yes" ] && echo "<a href='$script?hg'>Hg Log</a>") |
pankso@27 | 17 </div> |
pankso@27 | 18 EOT |
pankso@27 | 19 } |
pankso@27 | 20 |
pankso@27 | 21 # Post tools |
pankso@27 | 22 post_tools() { |
pankso@27 | 23 cat << EOT |
pankso@28 | 24 - <a href="$script?blogedit&d=${d}">$(gettext "Edit it!")</a> |
pankso@27 | 25 EOT |
pankso@28 | 26 #<a href="$script?blogrm&d=${d}">$(gettext "Remove")</a> |
pankso@27 | 27 } |
pankso@27 | 28 |
pankso@27 | 29 # Display blog post: show_posts nb |
pankso@28 | 30 show_post() { |
pankso@28 | 31 d=${1%.txt} |
pankso@28 | 32 date=$(fgrep 'DATE=' ${blog}/${d}.txt | cut -d '"' -f 2) |
pankso@28 | 33 # Get post author |
pankso@28 | 34 author=$(fgrep 'AUTHOR=' ${blog}/${d}.txt | cut -d '"' -f 2) |
pankso@28 | 35 if [ -f "${PEOPLE}/${author}/account.conf" ]; then |
pankso@28 | 36 . ${PEOPLE}/${author}/account.conf |
pankso@28 | 37 else |
pankso@28 | 38 echo ERROR: ${PEOPLE}/${author}/account.conf |
pankso@28 | 39 fi |
pankso@28 | 40 echo "<div class=\"blogpost\">" |
pankso@28 | 41 cat ${blog}/${d}.txt | sed -e '/AUTHOR=/'d -e '/DATE=/'d | wiki_parser |
pankso@28 | 42 cat << EOT |
pankso@28 | 43 <div class="post-tools"> |
pankso@28 | 44 <a href="$script?user=$USER">$(get_gravatar $MAIL 24)</a> |
pankso@28 | 45 <span class="date">$date</span> |
pankso@28 | 46 EOT |
pankso@28 | 47 # Post tools for auth users |
pankso@30 | 48 if admin_user; then |
pankso@28 | 49 post_tools |
pankso@28 | 50 echo "</div>" |
pankso@28 | 51 else |
pankso@28 | 52 echo "</div>" |
pankso@28 | 53 fi |
pankso@28 | 54 echo "</div>" |
pankso@28 | 55 } |
pankso@28 | 56 |
pankso@28 | 57 # Display blog post: show_posts count |
pankso@27 | 58 show_posts() { |
pankso@28 | 59 for p in $(ls -r $blog | head -n $1) |
pankso@27 | 60 do |
pankso@28 | 61 show_post ${p} |
pankso@27 | 62 done |
pankso@27 | 63 } |
pankso@27 | 64 |
pankso@27 | 65 # |
pankso@27 | 66 # Index main page can display the lastest Blog posts |
pankso@27 | 67 # |
pankso@27 | 68 if fgrep -q '[BLOG]' $tiny/$wiki/index.txt && [ ! "$(GET)" ]; then |
pankso@28 | 69 d="Blog posts" |
pankso@27 | 70 index="blog" |
pankso@27 | 71 header |
pankso@27 | 72 html_header |
pankso@27 | 73 user_box |
pankso@27 | 74 # Post tools for auth users |
pankso@30 | 75 if admin_user; then |
pankso@27 | 76 blog_tools |
pankso@27 | 77 fi |
pankso@27 | 78 show_posts 5 |
pankso@27 | 79 echo "<p><a href='$script?blog'>$(gettext "More blog posts")</a></p>" |
pankso@27 | 80 html_footer && exit 0 |
pankso@27 | 81 fi |
pankso@27 | 82 |
pankso@27 | 83 case " $(GET) " in |
pankso@27 | 84 *\ blogedit\ *) |
pankso@27 | 85 d="$(GET d)" |
pankso@27 | 86 header |
pankso@27 | 87 html_header |
pankso@27 | 88 user_box |
pankso@27 | 89 # Blog tools for auth users |
pankso@31 | 90 if ! check_auth && admin_user; then |
pankso@30 | 91 gettext "You must be admin to create a new Blog post" |
pankso@27 | 92 html_footer && exit 0 |
pankso@27 | 93 fi |
pankso@27 | 94 # New post |
pankso@27 | 95 if [ "$d" == "new" ]; then |
pankso@28 | 96 date=$(date '+%Y-%M-%d') |
pankso@28 | 97 last=$(ls -r $blog | head -n 1) |
pankso@28 | 98 nb=${last%.txt} |
pankso@28 | 99 d=$(($nb + 1)) |
pankso@30 | 100 conf=$(echo -e "\n\nAUTHOR=\"$user\"\nDATE=\"$date\"\n\n====Title====") |
pankso@27 | 101 fi |
pankso@27 | 102 cat << EOT |
pankso@27 | 103 <h2>$(gettext "Blog post"): $d</h2> |
pankso@27 | 104 |
pankso@27 | 105 <div id="edit"> |
pankso@27 | 106 <form method="get" action="$script" name="editor"> |
pankso@27 | 107 <input type="hidden" name="blogsave" value="$d" /> |
pankso@28 | 108 <textarea name="content">$conf $(cat "$blog/$d.txt")</textarea> |
pankso@27 | 109 <input type="submit" value="$(gettext "Post content")" /> |
pankso@27 | 110 $(gettext "Code Helper:") |
pankso@27 | 111 $(cat lib/jseditor.html) |
pankso@27 | 112 </form> |
pankso@27 | 113 </div> |
pankso@27 | 114 EOT |
pankso@27 | 115 html_footer && exit 0 ;; |
pankso@27 | 116 |
pankso@27 | 117 *\ blogsave\ *) |
pankso@27 | 118 d="$(GET blogsave)" |
pankso@31 | 119 if check_auth && admin_user; then |
pankso@27 | 120 [ -d "$blog" ] || mkdir -p ${blog} |
pankso@28 | 121 # New post ? |
pankso@28 | 122 if [ ! -f "${blog}/${d}.txt" ]; then |
pankso@28 | 123 echo "New Blog post: <a href='$script?blog=$d'>Read it!</a>" \ |
pankso@28 | 124 | log_activity |
pankso@28 | 125 fi |
pankso@28 | 126 # Write content to file |
pankso@27 | 127 sed "s/$(echo -en '\r') /\n/g" > ${blog}/${d}.txt << EOT |
pankso@27 | 128 $(GET content) |
pankso@27 | 129 EOT |
pankso@27 | 130 fi |
pankso@27 | 131 header "Location: $script?blog" ;; |
pankso@27 | 132 |
pankso@27 | 133 *\ blog\ *) |
pankso@28 | 134 d="Blog posts" |
pankso@28 | 135 count="20" |
pankso@27 | 136 header |
pankso@27 | 137 html_header |
pankso@27 | 138 user_box |
pankso@28 | 139 #echo "<h2>$(gettext "Latest blog posts")</h2>" |
pankso@27 | 140 # Blog tools for auth users |
pankso@31 | 141 if check_auth && admin_user; then |
pankso@27 | 142 blog_tools |
pankso@27 | 143 fi |
pankso@27 | 144 # Exit if plugin is disabled |
pankso@27 | 145 if [ ! -d "$blog" ]; then |
pankso@27 | 146 echo "<p class='error box'>" |
pankso@27 | 147 gettext "Blog plugin is not yet active."; echo "</p>" |
pankso@27 | 148 html_footer && exit 0 |
pankso@27 | 149 fi |
pankso@28 | 150 # Single post |
pankso@28 | 151 if [ "$(GET blog)" != "blog" ]; then |
pankso@28 | 152 show_post "$(GET blog)" |
pankso@28 | 153 else |
pankso@28 | 154 show_posts ${count} |
pankso@28 | 155 fi |
pankso@27 | 156 html_footer |
pankso@27 | 157 exit 0 ;; |
pankso@27 | 158 esac |