s4: 511406c0cbbe s4-blog.sh

s4

view s4-blog.sh @ 155:511406c0cbbe

Do HTML escape at value editing

author	HIROSE Yuuji <yuuji@gentei.org>
date	Tue, 05 Jan 2016 18:47:59 +0859
parents	75598f2d3118
children	d46bce9072cd

line source

1 #

2 type cgiinit >/dev/null 2>&1 || . ./s4-funcs.sh

4 blog_genform() {

5 #

6 t=$1

7 }

9 blog_writable() (

10 # $1=articleid $2=user

11 blogowner=`getvalbyid blog owner "$1"`

12 [ x"$blogowner" = x"$2" ] || isuser "$blogowner" || ismember "$2" "$blogowner"

13 )

14 blog_readable() {

15 # $1=articleid $2=user

16 mode=`getgroupattr $grp regmode`

17 }

18 blog_notify_reply() (

19 # $1=articleid $2=ReplyingUser $3=WrittenText $4(optional)=Action

20 blogowner=`getvalbyid blog owner "$1"`

21 [ x"$2" = x"$blogowner" ] && return # If author=blogowner, unnecessary

22 blogtitle=`getvalbyid blog title "$1"`

23 blogurl="$urlbase?replyblog+$1"

24 action=${4:-書き込み}

25 mode=`getvalbyid blog notify "$1"`

26 case $mode in

27 admin)

28 if isgroup "$blogowner"; then

29 emails=`getgroupadminmails $blogowner`

30 else

31 emails=`collectemail $blogowner`

32 fi

33 ;;

34 no) return ;;

35 *) emails=`collectemail $blogowner` ;;

36 esac

37 err notify: user=$user Admins=`getgroupadmins $blogowner` Mode=$mode Emails="[$emails]"

38 smail "$emails" "${action}通知 $urlbase"<<EOF

39 [$blogtitle]板に${action}がありました。

40 場所: $blogurl

41 題目: $blogtitle

42 筆者: `gecos $2`

43 内容:

44 `echo "$3"|sed 's/^/> /'`

45 EOF

46 )

47 blog_showentry() {

48 # $1=table $2=rowid

49 # if [ -n "$2" ]; then

50 # if [ -n "$imgcached" ]; then

51 # bstmpdir=$tmpdir/$imgcached/$thumbxy

52 # else

53 # bstmpdir=$tmpd

54 # # tmpd=`mktempd`

55 # # tmpfiles=$tmpfiles" $tmpd"

56 # fi

57 # fi

58 td=`getcachedir "article/$2"`

59 tbl=${1%%[!A-Z0-9a-z_]*} rowid=${2%%[!A-Z0-9a-z_]*}

60 err rowid=$rowid, '$2'=$2

61 ts=${tbl}_s tm=${tbl}_m

62 at=article as=article_s am=article_m

63 serial=$(($(date +%s)-1420038000))s$$

64 blog_writable $rowid $user && iswritable=true || iswritable=false

65 # This function grasps blog entry definiton directly.

66 # blog: id

67 # blog_s: title,ctime,heading

68 # blog_m: *article

70 # 2015-10-05 check readable

71 if ! $iswritable; then

72 blogowner=`getvalbyid blog owner "$2"`

73 # err blogowner=$blogowner

74 if isgroup $blogowner; then

75 regmode=`getgroupattr $blogowner regmode`

76 # err regmode=$regmode

77 if [ x"$regmode" = x"moderated" ]; then

78 if ! ismember $user $blogowner; then

79 echo "加入してからどうぞ" | html p

80 return

81 fi

82 fi

83 fi

84 fi

86 err "SELECT id from $tbl where rowid=$rowid"

87 id=`query "select id from $tbl where rowid=$rowid;"`

88 err id=$id

89 err "select val from $ts where key='title' and id='$id';"

92 #(1)Display root article

93 cat<<EOF

94 <form class="replyblog" action="$myname?replyblog+${rowid}#bottom" method="POST" enctype="multipart/form-data">

95 <table class="bloghead">

96 EOF

98 href="<a href=\"?editheading+$rowid\"> 編集 </a>"

99 if $iswritable; then

100 href2="<a href=\"?lshandout+$rowid\"> 提出状況 </a>"

101 href3="(<a href=\"?gethandout+$rowid\">ファイル取得</a>)"

102 fi

103 cat<<EOF | sq -html $db \

104 | sed -e "s|$<TR><TD>$,e,|\1 $href |" \

105 -e "s|,s,$</TD>$|$href2$href3\1|"

106 -- select val from $ts where key="title" and id="$id";

107 select

108 coalesce((select ",e," from blog where rowid=$rowid and author='$user'),'')

109 ||val||" "

110 ||case (select val from $ts where key="mode" and id="$id")

111 when 'report-closed' then "レポート提出用(自身のファイルのみ参照可),s,"

112 when 'report-open' then "レポート提出用,s,"

113 else ""

114 end

115 from $ts where key="ctime" and id="$id";

116 select val from $ts where key="heading" and id="$id";

117 EOF

118 cat<<EOF

119 </table>

120 <table class="blog_replies">

121 EOF

122

123 #(2)Display following articles

124 textform='<div><table class="b">

125 <tr><td><textarea name="text" cols="40" rows="4"></textarea></td></tr>

126 <tr><td>添付ファイル: <input type="file" name="image" multiple></td></tr>

127 </table>

128 <input type="submit" value="送信">

129 <input type="reset" value="リセット"></div>

130 '

131 ## 6/11の次: articleを出して行く

132 : <<EOF

133 シリアル:id:p:serial:

134 blogID:blogid:f:blog(id):

135 筆者:author:s:owner

136 時刻:ctime:s:stamp:

137 参照元:parent:s:parent:

138 パス:path:s:path:

139 本文:text:s:textarea:cols="60" rows="8"

140 画像:image:m:image:

141 stage:stage:x:hidden:value="replyblog"

142

143 article(id, blogid, author)

144 article_s: Visible = ctime, text Invisible = parent, path

145 article_m: image

146

147 article = hoge|1433812374x20849|yuuji@gentei.org

148 article_s = hoge|ctime|string|2015-06-13 12:27:34|

149 hoge|text|string|Shall we dance?|

150 EOF

151 ##

152 ##

153 err "select id from $at where blogid='$id';"

154 # arts=`sq $db "select a.rowid,a.id,

155 #-- coalesce(b.gecos, a.author)

156 # a.author from $at a

157 # LEFT JOIN (select name,val as gecos from user_s where key='gecos') b

158 # on a.author=b.name where blogid='$id'";`

159 arts=`query "select rowid,id,author from $at where blogid='$id';"`

160 # err arts="[$arts]"

161 number=0

162 hrefhome0="<a href=\"?home"

163 for a in $arts; do

164 arid=${a%%\|*} aid=`echo "$a"|cut -d'|' -f2` author=${a##*\|} imgs=""

165 ## err a=$a, aid=$aid, author=$author

166 ## err td=$td

167 val=`getvalbyid article image "$arid" "$td"`

168 ## err val="[$val]" and td as follows:

169

170 if [ -n "$val" ]; then

171 hrfb="$myname?showattc+article_m"

172 imgs="<br>"$(echo "$val"\

173 |while read fn; do

174

175 #data=`percenthex $td/$fn`

176 #ct=`cat $td/$fn.content-type`

177 sz=`cat $td/$fn.size`

178 ri=`cat $td/$fn.rowid`

179 ## err fn=$fn ct=$ct ri=$ri ls::: "`ls -lF $td/`"

180 iconhref2 $td/$fn "$hrfb+$ri" "$fn" "$fn($sz)"

181 echo "<br>"

182 done)

183 imgs=`echo "$imgs"|tr -d '\n'` # kill newlines for sed

184 fi

185

186 ### number=$((number+1))

187 # reply="<input type=\"radio\" name=\"parent\" class=\"replybtn\" \

188 # value=\"$number\">"

189 getgecos="(select rowid from user where name='$author')||':'||\

190 coalesce((select val from user_s \

191 where name='$author' and key='gecos'), '$author')||',[/a],'"

192 href="$myname?editart+$arid+$rowid"

193 link="<a href=\"$href\">編集</a>"

194 cat<<EOF | sq -html $db \

195 | sed -e "s|,n,$[0-9]*$:|,n,$hrefhome0+\1\">|" \

196 -e 's|,\[/a\],|</a>|' \

197 -e 's/,n,/<br>/g' -e "s|,i,|$imgs|" \

198 -e "s|<TR>$<TD>$|<TR id=\"$aid\">\1|" \

199 -e "s|^href=$[-A-Za-z0-9,.:/~_%#&+?]*$|<a &>\1</a>|" \

200 -e "s|$<TR.*>$$<TD>$,e,|\1\2$link|"

201 select

202 coalesce((select ",e," from article where id='$aid' and author='$user'),"")

203 ||

204 max(case key when 'ctime' then ",n,"||val||

205 ",n,"||$getgecos end) as TIME,

206 -- max(case key when 'parent' then val||"への返信" end) as REPLYTO,

207 max(case key when 'text' then val||",i," end) as TEXT

208 from article_s where id = '$aid'

209 group by id order by TIME;

210 EOF

211 done

212 echo "</table>"

213

214

215 $iswritable && cat<<EOF

216 <div class="blogcomment">

217 <p>コメント記入</p>

218 <input type="hidden" name="blogid" value="$id">

219 <input type="hidden" name="stage" value="replyblog">

220 <input type="hidden" name="serial" value="$serial">

221 $textform

222 </div>

223 EOF

224 echo "</form><p id=\"bottom\"></p>"

225 # Record access log

226 acclog blog $rowid

227 }

228

229 blog_showentry2() {

230 # $1=table $2=rowid

231 # if [ -n "$2" ]; then

232 # if [ -n "$imgcached" ]; then

233 # bstmpdir=$tmpdir/$imgcached/$thumbxy

234 # else

235 # bstmpdir=$tmpd

236 # # tmpd=`mktempd`

237 # # tmpfiles=$tmpfiles" $tmpd"

238 # fi

239 # fi

240 td=`getcachedir "article/$2"`

241 tbl=${1%%[!A-Z0-9a-z_]*} rowid=${2%%[!A-Z0-9a-z_]*}

242 err rowid=$rowid, '$2'=$2

243 ts=${tbl}_s tm=${tbl}_m

244 at=article as=article_s am=article_m

245 serial=$(($(date +%s)-1420038000))s$$

246 blog_writable $rowid $user && iswritable=true || iswritable=false

247 # This function grasps blog entry definiton directly.

248 # blog: id

249 # blog_s: title,ctime,heading

250 # blog_m: *article

251

252 # 2015-10-05 check readable

253 if ! $iswritable; then

254 blogowner=`getvalbyid blog owner "$2"`

255 # err blogowner=$blogowner

256 if isgroup $blogowner; then

257 regmode=`getgroupattr $blogowner regmode`

258 # err regmode=$regmode

259 if [ x"$regmode" = x"moderated" ]; then

260 if ! ismember $user $blogowner; then

261 echo "加入してからどうぞ" | html p

262 return

263 fi

264 fi

265 fi

266 fi

267

268 err "SELECT id from $tbl where rowid=$rowid"

269 id=`query "select id from $tbl where rowid=$rowid;"`

270 err id=$id

271 err "select val from $ts where key='title' and id='$id';"

272

273

274 #(1)Display root article

275 cat<<EOF

276 <form class="replyblog" action="$myname?replyblog+${rowid}#bottom" method="POST" enctype="multipart/form-data">

277 <table class="bloghead">

278 EOF

279

280 href="<a href=\"?editheading+$rowid\"> 編集 </a>"

281 if $iswritable; then

282 href2="<a href=\"?lshandout+$rowid\"> 提出状況 </a>"

283 href3="(<a href=\"?gethandout+$rowid\">ファイル取得</a>)"

284 fi

285 cat<<EOF | sq -html $db \

286 | sed -e "s|$<TR><TD>$,e,|\1 $href |" \

287 -e "s|,s,$</TD>$|$href2$href3\1|"

288 -- select val from $ts where key="title" and id="$id";

289 select

290 coalesce((select ",e," from blog where rowid=$rowid and author='$user'),'')

291 ||val||" "

292 ||case (select val from $ts where key="mode" and id="$id")

293 when 'report-closed' then "レポート提出用(自身のファイルのみ参照可),s,"

294 when 'report-open' then "レポート提出用,s,"

295 else ""

296 end

297 from $ts where key="ctime" and id="$id";

298 select val from $ts where key="heading" and id="$id";

299 EOF

300 cat<<EOF

301 </table>

302 <table class="blog_replies">

303 EOF

304

305 lkhome="<a href=\"$myname?home" lke='">'

306 lkedit="<a href=\"$myname?editart"

307 if false; then

308 sq -html $db<<EOF |

309 WITH a_s AS (

310 SELECT id,

311 max(CASE key WHEN 'ctime' THEN val END) TIME,

312 max(CASE key WHEN 'text' THEN val END) TEXT

313 FROM article_s

314 GROUP by id

315 )

316 SELECT 'id:'||a.id,

317 CASE author

318 WHEN '$user' THEN 'ed:'||a.rowid||':'||$rowid

319 ELSE 'e0:'

320 END edit,

321 'at:'||(SELECT rowid FROM user WHERE name=author)||':'

322 ||coalesce((SELECT val FROM user_s

323 WHERE name=author AND key='gecos'),

324 author),

325 'ti:'||s.TIME,

326 'te:'||s.TEXT,

327 'im:'||(SELECT group_concat(hex(bin)

328 FROM (select rowid,id,author from article where blogid in

329 (select id from blog where rowid=$rowid)) a

330 LEFT JOIN

331 a_s s

332 ON a.id=s.id;

333 EOF

334 sed -e "s|^<TR><TD>id:$.*$</TD>|<TR id=\"\1\"><TD>|" \

335 -e "/^<TR/N" -e 's/\n//' \

336 -e "s|<TD>ed:$[0-9]*$:$.*$</TD>|$lkedit+\1+\2${lke}編集</a>|" \

337 -e "s|<TD>e0:</TD>||" \

338 -e "s|^<TD>at:$[0-9]*$:$.*$</TD>|$lkhome+\1$lke\2</a>|" \

339 -e "s|^<TD>ti:$.*$</TD>|\1</TD>|" \

340 -e "s|^<TD>te:$.*$|<TD>\1|"

341 else

342 hlink="$myname?home" elink="$myname?editart"

343 catlink="$myname?showattc+article_m"

344 deficon="img/file-icon.png"

345 sq $db<<EOF |

346 WITH a_s AS (

347 SELECT id,

348 max(CASE key WHEN 'ctime' THEN val END) TIME,

349 max(CASE key WHEN 'text' THEN val END) TEXT

350 FROM article_s

351 GROUP by id

352 )

353 SELECT a.id,

354 CASE author

355 WHEN '$user' THEN a.rowid||'+'||$rowid

356 ELSE ''

357 END edit,

358 (SELECT rowid FROM user WHERE name=author) user_rid,

359 coalesce((SELECT val FROM user_s

360 WHERE name=author AND key='gecos'),

361 author) uname,

362 s.TIME,

363 hex(s.TEXT),

364 (SELECT group_concat(rowid||':'||length(bin)||':'||hex(val), ' ')

365 FROM article_m

366 WHERE id=a.id AND key='image') imxgids

367 FROM (select rowid,id,author from article where blogid in

368 (select id from blog where rowid=$rowid)) a

369 LEFT JOIN

370 a_s s

371 ON a.id=s.id;

372 EOF

373 while IFS='|' read id edit uid uname tm hte imgids; do

374 cat<<EOF

375 <tr id="$id">

376 <td>${edit:+<a href="$elink+$edit">編集</a>}

377 <a href="$hlink+$uid">$uname</a>

378 $tm</td><td>`echo "$hte"|unhexize|htmlescape`

379 EOF

380 for i in $imgids; do

381 mrid=${i%%:*}; i=${i#*:}; sz=`size_h ${i%%:*}`

382 fn=`echo "${i#*:}"|unhexize`

383 fnb=$fn"(${sz})"

384 # echo r=$mrid fn=$fn

385 case "$fn" in

386 *.[Pp][Nn][Gg]|*.[Jj][Pp][Gg])

387 sq $db "SELECT hex(bin) FROM article_m WHERE rowid=$mrid" \

388 | unhexize \

389 | convert -define jpeg:size=100x100 -resize 100x100'>' - jpeg:- \

390 | hexize \

391 | sed -e 's/$..$/%\1/g' \

392 -e "s|^|<a href=\"$catlink+$mrid\"><img src=\"data:image/jpeg,|" \

393 -e "s|\$|\">$fnb</a>|"

394 ;;

395 *)

396 echo "<a href=\"$catlink+$mrid\"><img src=\"$deficon\">$fnb</a>"

397 ;;

398 esac

399 done

400 done

401 fi

402

403 textform='<div><table class="b">

404 <tr><td><textarea name="text" cols="40" rows="4"></textarea></td></tr>

405 <tr><td>添付ファイル: <input type="file" name="image" multiple></td></tr>

406 </table>

407 <input type="submit" value="送信">

408 <input type="reset" value="リセット"></div>

409 '

410 echo '</table>'

411

412 $iswritable && cat<<EOF

413 <div class="blogcomment">

414 <p>コメント記入</p>

415 <input type="hidden" name="blogid" value="$id">

416 <input type="hidden" name="stage" value="replyblog">

417 <input type="hidden" name="serial" value="$serial">

418 $textform

419 </div>

420 EOF

421 echo "</form><p id=\"bottom\"></p>"

422 # Record access log

423 acclog blog $rowid

424 }

425

426 lshandout() {

427 # $1=rowid of blog

428 if ! blog_writable $1 $user; then

429 echo "メンバー以外は利用できません。" | html p; return

430 fi

431 time=`getvalbyid blog ctime $1|colrm 11`

432 owner=`getvalbyid blog owner $1`

433 title=`getvalbyid blog title $1`

434 ge=`gecos $owner`

435 lshandoutsub $owner "$@" \

436 |m4 -D_TITLE_="提出状況" \

437 -D_FORMHEAD_="$time [$title]@${ge:-$owner}" \

438 -D_FORM_="syscmd(cat)" -D_DUMPHEAD_= -D_DUMPTABLE_= \

439 $layout/html.m4.html $layout/form+dump-whead.m4.html

440 }

441 lshandoutsub() {

442 # $1=owner $2=rowid of blog

443 if isgroup $1; then

444 sample="(select user from grp_mem where gname='$1')"

445 else

446 sample="(select distinct author as user from arts)"

447 echo "(集計は板への投稿者のみ)" | html p

448 fi

449 sql="with arts as (select id,author from article \

450 where blogid=(select id from blog where rowid=$2))\

451 select (select rowid from user where name=c0.user)||' '|| \

452 coalesce((select val from user_s where name=c0.user \

453 and key='gecos'),\

454 c0.user) as 'メンバー',\

455 sum(case when c1.key is not null then 1 else 0 end)\

456 as 'コメント記入',\

457 sum(case when c2.key is not null then 1 else 0 end)\

458 as 'ファイルの提出'\

459 from $sample c0 \

460 left join (select id,author from arts) a\

461 on c0.user=a.author\

462 left join (select id,key from article_s where key='text') c1\

463 on a.id=c1.id left join (select id,key from article_m ) c2\

464 on c1.id=c2.id group by c0.user order by c0.user;"

465 err ishandoutsub: sql="$sql"

466 echo '<table class="b td2r td3r">'

467 hrb="<a href=\"?home+"

468 echo "$sql" | sq -header -html $db \

469 | sed -e "s,$<TR><TD>$$[^ ]*$ $.*$</TD>,\1$hrb\2\">\3</TD>," -e 's,<TD>0</TD>,<TD class="warn">0</TD>,'

470 echo '</table>'

471 }

472 gethandout() {

473 # $1=rowid of blog

474 if ! blog_writable $1 $user; then

475 echo "メンバー以外は利用できません。" | html p; return

476 fi

477 i=0

478 bd=$tmpd/archive.$$

479 mkdir $bd

480 query "select m.rowid,author,m.val from article a join article_m m\

481 on a.id=m.id where blogid=(select id from blog where rowid=$1)\

482 and m.key in ('image', 'document', 'binary');" \

483 | while IFS='|' read rowid author filename; do

484 # err isfilereadable $user article_m $rowid

485 isfilereadable $user article_m $rowid || continue

486 # err ok

487 i=$((i+1))

488 dir=`printf $bd/%03d $i`

489 mkdir $dir

490 query "select quote(bin) from article_m where rowid=$rowid;" \

491 | unhexize > $dir/$filename

492 done

493 if [ ! -d $bd/001 ]; then

494 contenttype; echo

495 echo "取得できるファイルがありませんでした。" | html p

496 return

497 fi

498 (cd $bd

499 err cdto$bd; (pwd; ls -lFa) 1>&3

500 tar zcf .archive.tar.gz * && mv .archive.tar.gz archive.tar.gz

501 )

502 arc=$bd/archive.tar.gz

503 echo "Content-type: application/x-gzip"

504 echo "Content-Length: `cat $arc|wc -c`"

505 echo "Content-Disposition: filename=\"archive.tar.gz\""

506 echo

507 cat $arc

508 }

509 lsmyfile() { # $1(optional)=SortBy

510 case "$1" in

511 ""|CTIME-DESC)

512 by="CTIME" ord="DESC" ;;

513 CTIME*) by="CTIME" ;;

514 FILE*) by="FILE" ;;

515 OWNER*) by="OWNER" ;;

516 TITLE*) by="TITLE" ;;

517 esac

518 case "$1" in

519 *DESC) ord="DESC" ;;

520 esac

521 case "$ord" in

522 DESC) lkod="" jord="降順" ;;

523 *) lkod="-DESC" jord="昇順" ;;

524 esac

525 sql="select m.val||'/'||m.rowid FILE,

526 coalesce(

527 case when (select name from user where name=bs.owner)

528 is not null

529 then (select val from user_s where name=bs.owner

530 and key='gecos')

531 when (select gname from grp where gname=bs.owner)

532 is not null

533 then (select val from grp_s where gname=bs.owner

534 and key='gecos')

535 else

536 null

537 end,

538 bs.owner

539 ) OWNER,

540 a_s.val CTIME,

541 ',t,'||bs.title||':'||b.rowid||'#'||a.id TITLE

542 from (select rowid,id,val from article_m where id

543 in (select id from article where author='$user')

544 and type like 'file:%')

545 m left join article a on m.id=a.id

546 left join article_s a_s on a.id=a_s.id and a_s.key='ctime'

547 left join (select id,

548 max(case key when 'owner' then val end) as owner,

549 max(case key when 'title' then val end) as title

550 from blog_s group by id)

551 bs on a.blogid=bs.id

552 left join blog b on bs.id=b.id

553 where m.val is not null order by $by $ord;"

554 err lshandoutbyauthor: sql=`echo "$sql"`

555 title="個人提出ファイル"

556 m4 -D_TITLE_=$title $layout/html.m4.html

557 hra="<a href=\"?lsmyfile+"

558 hrb="<a href=\"?showattc+article_m+"

559 hrc="<a href=\"?replyblog+"

560 (echo '<table class="b">'

561 echo "$sql"|sq -html -header $db ) \

562 | sed -e "s|$<TR><TD>$$[^/]*$/$[0-9]*$|\1$hrb\3\">\2</a>|" \

563 -e "s|,t,$.*$:$[^<]*$$</TD>$|$hrc\2\">\1</a>\3|" \

564 -e "s|$<TH>$$[A-Z]*$$</TH>$|\1$hra\2$lkod\">\2</a>|" \

565 | m4 -D_TITLE_=$title -D_FORM_="<p>($by$jord)</p>" \

566 -D_DUMPTABLE_="syscmd(cat)" $layout/form+dump.m4.html

567 echo '</table>'

568 }

569 searchart() {

570 kwd=`getpar kwd`

571 if [ -z "$kwd" ]; then

572 echo "検索語を指定してください" | html p; return

573 fi

574 owner=`getpar owner`

575 owner=${owner:-$1}

576 echo "「$kwd」による検索結果" | html p

577 if [ -n "$owner" ]; then

578 cond="where key='owner' and val='$owner'"

579 if isuser $owner; then

580 echo "(`linkhome $owner` さんの記録からの検索)" | html p

581 else

582 linkhome $owner 1>&3

583 echo "(`linkhome $owner` グループからの検索)" | html p

584 fi

585 fi

586 # article_s: id=article-id, key='text', val='TEXT'

587 # article: id=article-id, blogid=blogkd

588 # blog: id=blog-id, author=LeaderAuthor

589 # blog_s: id=blog-id, key='title', val='BLOG-TITLE'

590 # WANT: blog-ROWid,article-id,val(TEXT)

591 sql="select b.rowid||'#'||x.id as '',

592 b.title as TITLE,

593 substr(x.val, 0, 80) as TEXT

594 from (select blog.rowid,blog.*,bs.val as title from blog join blog_s bs

595 on blog.id=bs.id and bs.key='title') b

596 join

597 (select a.id,a.blogid,s.val from article a join article_s s

598 on a.id=s.id where s.val like '%$kwd%')

599 x on b.id=x.blogid

600 where b.id in (select id from blog_s

601 $cond);"

602 sedopt="s,<TR><TD>$[^<]*$</TD>,<TR><TD><a\

603 href=\"?replyblog+\1\">VIEW</a></TD>,"

604 cat<<EOF

605 <table class="b searchart">

606 `sq -header -html $db "$sql"|sed "$sedopt"`

607 </table>

608 EOF

609 }

610 listblog() (

611 # $1={user,group}

612 qow=`sqlquote $1`

613 cond="where a.id in (select id from blog_s where key='owner' and val=$qow) order by ctime desc"

614 DT_CHLD=article:blogid

615 cgi_form searchart<<EOF

616 <label>`cgi_text kwd`という語を含む記事をこの一覧から検索</label>

617 `cgi_hidden owner $user`

618 EOF

619 dumptable html blog 'ctime title heading' "$cond"

620 )

621

622 blog_addentry() {

623 # $1=GRPname(if it is a group)

624 grprowid=$1

625 rowid=`getpar rowid`

626 err blog_addentry0: rowid=$rowid

627 if [ -n "$grprowid" ]; then

628 owner=`getgroupbyid $grprowid`

629 else

630 owner=`getpar owner`

631 fi

632 err blog-add: \$1=$1 rowid=$rowid owner=$owner

633 if isgroup $owner; then

634 groupmode=1 listing=$owner guide="[${owner}]" GF_OWNER=$owner

635 else

636 usermode=1 listing=$user guide="[個人]"

637 fi

638

639 if [ -n "`getpar title`" ]; then

640 if [ "$usermode" ]; then

641 err usermode: user=$user owner=$owner

642 if [ x"$user" != x"$owner" ]; then

643 echo "他人の日記は書けません" | html p

644 return 2

645 fi

646 elif [ "$groupmode" ]; then # if write to group log

647 grp=$owner #\`getpar grp\`

648 err ismember: $user $grp

649 if ! ismember "$user" "$grp"; then

650 echo "(話題作成はこのグループに加入してから)" | html p

651 return 3

652 fi

653 fi

654 par2table $formdir/blog.def

655 serial=`getpar serial`

656 err SERIAL: $serial ROWID=$rowid listing=$listing

657 id=""

658 if [ -n "$rowid" ]; then

659 # Here, id becomes NULL when removal of entries at par2table

660 id=`query "select rowid from blog where rowid=$rowid;"`

661 elif [ -n "$serial" ]; then

662 # If new blog leader created, traverse to its head.

663 id=`query "select rowid from blog where id='$serial';"`

664 err new-Leader: "select rowid from blog where id='$serial';" id=$id

665 fi

666 if [ -n "$id" ]; then

667 ## If new aritcle is entered, JUMP to blog_reply

668 blog_reply $id

669 return

670 fi

671 fi

672 echo "${guide}新規話題作成" > $tmpd/title.$$

673 listblog $listing > $tmpd/listblog.$$

674 genform $formdir/blog.def \

675 | m4 -D_TITLE_="spaste(\`$tmpd/title.$$')" \

676 -D_FORMHEAD_="序文は簡単に詳しくはコメントに" \

677 -D_DUMPHEAD_="これまでの蓄積" \

678 -D_FORM_="syscmd(\`cat')" \

679 -D_DUMPTABLE_="spaste(\`$tmpd/listblog.$$')" \

680 $layout/html.m4.html \

681 $layout/form+dump-whead.m4.html

682 }

683

684 blog_reply() {

685 rowid=$1

686 err rowid=$1

687

688 if [ -z "$rowid" ]; then

689 echo "表示する日記番号が未指定です。" | html p

690 return

691 fi

692 title=`getvalbyid blog title $rowid`

693 owner=`getvalbyid blog owner $rowid`

694 if isuser "$owner"; then

695 subtitle="`gecos $owner` さんの話題"

696 else

697 grprowid=`query "select rowid from grp where gname=\"$owner\";"`

698 subtitle="グループ <a href=\"?grp+$grprowid\">$owner</a> での話題"

699 fi

700 if [ -z "$title" ]; then

701 echo "日記番号指定が無効です。" | html p

702 return

703 fi

704

705 text=`getpar text`

706 if [ -n "$text" ]; then

707 if blog_writable $rowid $user; then

708 par2table $formdir/article.def

709 st=$? # ; err par2t-st=$st

710 case $st in

711 0|4)

712 [ "$st" = "4" ] && act="書込削除"

713 blog_notify_reply $rowid $user "$text" $act ;;

714 esac

715 else

716 title="$title(加入してないので書き込み不可)"

717 fi

718 fi

719 def=$formdir/article.def

720 echo "$title" > $tmpd/title.$$

721 echo "$subtitle" > $tmpd/subtitle.$$

722 ${BLOG_SHOW:-blog_showentry} blog $rowid \

723 | m4 -D_TITLE_="spaste(\`$tmpd/title.$$')" -D_BODYCLASS_=general \

724 -D_FORMHEAD_="spaste(\`$tmpd/subtitle.$$')" -D_FORM_="" \

725 -D_DUMPTABLE_="syscmd(cat)" -D_DUMPHEAD_="" \

726 $layout/html.m4.html $layout/form+dump-whead.m4.html

727 }