s4

view s4-blog.sh @ 63:da23cad20e4a

Permission check fixed
author HIROSE Yuuji <yuuji@gentei.org>
date Mon, 27 Jul 2015 17:37:30 +0900
parents 916d81b9c4fc
children 54bbd7ce3766
1 #
2 type cgiinit >/dev/null 2>&1 || . ./s4-funcs.sh
# blog_genform: placeholder for a blog form generator.
# Arguments: $1 - value remembered in the global `t`.
# The visible body does nothing else and prints nothing.
blog_genform() {
  t="$1"
}
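blog_writable() (
  # Permission check: may user $2 post to the thread identified by $1?
  # $1 = id handed to `getvalbyid blog owner` (callers in this file pass the
  #      blog rowid)
  # $2 = user name to check
  # Returns 0 when the user is the owner, when `isuser` accepts the owner
  # (presumably: the thread belongs to an individual account, which any
  # caller may comment on -- confirm against isuser), or when `ismember`
  # accepts the user for the owning group; non-zero otherwise.
  # The body is a subshell, so `blogowner` does not leak into the caller.
  blogowner=$(getvalbyid blog owner "$1")
  # Fail closed: an id that resolves to no owner, or an empty user name,
  # must never satisfy the equality test below (x"" = x"" would be true).
  [ -n "$blogowner" ] && [ -n "$2" ] || return 1
  [ x"$blogowner" = x"$2" ] || isuser "$blogowner" || ismember "$2" "$blogowner"
)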
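blog_notify_reply() (
  # Mail a "new reply" notice for a thread through `smail`.
  # $1=id of the thread  $2=ReplyingUser  $3=WrittenText
  # Globals read: urlbase, user.
  # The thread's `notify` setting selects the recipients:
  #   admin - group owner: e-mail of every group admin except $user;
  #           otherwise collectemail of the owner
  #   no    - nothing is sent
  #   other - collectemail of the owner
  # Runs in a subshell, so none of the variables set here leak out.
  blogowner=$(getvalbyid blog owner "$1")
  [ x"$2" = x"$blogowner" ] && return	# If author=blogowner, unnecessary
  blogtitle=$(getvalbyid blog title "$1")
  blogurl="$urlbase?replyblog+$1"
  mode=$(getvalbyid blog notify "$1")
  case "$mode" in
    admin)
      if isgroup "$blogowner"; then
        # The admin list is split on whitespace on purpose; the owner name
        # itself is quoted so it always reaches the helpers as one argument.
        emails=$(for i in $(getgroupadmins "$blogowner"); do
          [ x"$i" = x"$user" ] && continue
          email4group "$blogowner" "$i"
        done)
      else
        emails=$(collectemail "$blogowner")
      fi
      ;;
    no) return ;;
    *) emails=$(collectemail "$blogowner") ;;
  esac
  err notify: user=$user Admins=$(getgroupadmins "$blogowner") Mode=$mode Emails="[$emails]"
  # The here-document is expanded once; title and reply text are inserted as
  # data and are not re-evaluated by the shell. printf is used for the reply
  # text because echo would swallow a text such as "-n" and may interpret
  # backslashes.
  smail "$emails" "書込通知 $urlbase"<<EOF
[$blogtitle]板に書き込みがありました。
場所: $blogurl
題目: $blogtitle
筆者: $(gecos "$2")
内容:
$(printf '%s\n' "$3" | sed 's/^/> /')
EOF
)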
blog_showentry() {
  # Print one thread as HTML on stdout: the head entry (table.bloghead),
  # every article whose blogid matches (table.blog_replies) and, when
  # blog_writable accepts $user, the reply form. Ends by calling acclog.
  # $1=table $2=rowid
  # Globals read: imgcached, tmpdir, thumbxy, tmpd, myname, db, user.
  # No variable here is local; tbl, rowid, id, serial, href, arts, ... are
  # all left set in the caller's shell.
  if [ -n "$2" ]; then
    # Pick the directory that attachment files are extracted into.
    if [ -n "$imgcached" ]; then
      bstmpdir=$tmpdir/$imgcached/$thumbxy
    else
      bstmpdir=$tmpd
      # tmpd=`mktempd`
      # tmpfiles=$tmpfiles" $tmpd"
    fi
  fi
  # Cut both arguments at the first character outside [A-Za-z0-9_]; only
  # that leading run is interpolated into the SQL and URLs below.
  tbl=${1%%[!A-Z0-9a-z_]*} rowid=${2%%[!A-Z0-9a-z_]*}
  err rowid=$rowid, '$2'=$2
  ts=${tbl}_s tm=${tbl}_m
  at=article as=article_s am=article_m
  # Value for the hidden "serial" form field: seconds since a fixed offset
  # plus the shell PID. It is derived from clock and PID only, so it is
  # guessable and should be treated as an identifier, not as a secret.
  serial=$(($(date +%s)-1420038000))s$$
  # This function grasps blog entry definiton directly.
  # blog: id
  # blog_s: title,ctime,heading
  # blog_m: *article
  err "SELECT id from $tbl where rowid=$rowid"
  # $id is read back from the table and is interpolated into quoted SQL
  # literals below without escaping.
  # NOTE(review): safe only if an id can never contain a quote character --
  # confirm where ids are generated.
  id=`query "select id from $tbl where rowid=$rowid;"`
  err id=$id
  err "select val from $ts where key='title' and id='$id';"
  #(1)Display root article
  cat<<EOF
<form class="replyblog" action="$myname?replyblog+$rowid" method="POST" enctype="multipart/form-data">
<table class="bloghead">
EOF
  # Links that sed splices into sq's HTML output at the ,e, and ,s, markers
  # which the query below emits.
  href="<a href=\"?editheading+$rowid\"> 編集 </a>"
  href2="<a href=\"?lshandout+$rowid\"> 提出状況 </a>"
  href3="(<a href=\"?gethandout+$rowid\">ファイル取得</a>)"
  # $user is placed inside author='...' in the SQL text without escaping.
  # NOTE(review): sq and its -html flag are defined elsewhere; presumably
  # cell text (title, heading) is HTML-escaped by it -- confirm, since those
  # values are stored user text.
  cat<<EOF | sq -html $db \
    | sed -e "s|\(<TR><TD>\),e,|\1 $href |" \
    -e "s|,s,\(</TD>\)|$href2$href3\1|"
-- select val from $ts where key="title" and id="$id";
select
coalesce((select ",e," from blog where rowid=$rowid and author='$user'),'')
||val||" "
||case (select val from $ts where key="mode" and id="$id")
when 'report-closed' then "レポート提出用(自身のファイルのみ参照可),s,"
when 'report-open' then "レポート提出用,s,"
else ""
end
from $ts where key="ctime" and id="$id";
select val from $ts where key="heading" and id="$id";
EOF
  cat<<EOF
</table>
<table class="blog_replies">
EOF
  #(2)Display following articles
  # Reply form body; printed at the end inside the writable-only block.
  textform='<div><table class="b">
<tr><td><textarea name="text" cols="40" rows="4"></textarea></td></tr>
<tr><td>添付ファイル: <input type="file" name="image" multiple></td></tr>
</table>
<input type="submit" value="送信">
<input type="reset" value="リセット"></div>
'
  ## Next after 6/11: emit the articles one by one
  # The here-document fed to `:` below is used as a block comment holding
  # the article form definition and sample rows. Its delimiter is unquoted,
  # so the shell would still expand any $ or backtick placed inside it.
  : <<EOF
シリアル:id:p:serial:
blogID:blogid:f:blog(id):
筆者:author:s:owner
時刻:ctime:s:stamp:
参照元:parent:s:parent:
パス:path:s:path:
本文:text:s:textarea:cols="60" rows="8"
画像:image:m:image:
stage:stage:x:hidden:value="replyblog"
article(id, blogid, author)
article_s: Visible = ctime, text Invisible = parent, path
article_m: image
article = hoge|1433812374x20849|yuuji@gentei.org
article_s = hoge|ctime|string|2015-06-13 12:27:34|
hoge|text|string|Shall we dance?|
EOF
  ##
  ##
  err "select id from $at where blogid='$id';"
  # arts=`sq $db "select a.rowid,a.id,
  #-- coalesce(b.gecos, a.author)
  # a.author from $at a
  # LEFT JOIN (select name,val as gecos from user_s where key='gecos') b
  # on a.author=b.name where blogid='$id'";`
  arts=`query "select rowid,id,author from $at where blogid='$id';"`
  # err arts="[$arts]"
  number=0
  hrefhome0="<a href=\"?home"
  # Each row is rowid|id|author. The unquoted $arts is split on whitespace,
  # so this assumes none of the three fields contains whitespace.
  for a in $arts; do
    arid=${a%%\|*} aid=`echo "$a"|cut -d'|' -f2` author=${a##*\|} imgs=""
    err a=$a, aid=$aid, author=$author
    # name='' # Get gecos??
    # Per-article directory: $bstmpdir/<md5 of the row text>.
    td=$(echo $bstmpdir/`echo $a|md5`)
    val=`getvalbyid article image "$arid" "$td"`
    err val="[$val]" and td as follows:
    if true; then
      if [ -n "$val" ]; then
        hrfb="$myname?showattc+article_m"
        # One icon link per line of $val; `read` is used without -r, so a
        # backslash in a file name is consumed here.
        imgs="<br>"$(echo "$val"\
          |while read fn; do
          #data=`percenthex $td/$fn`
          #ct=`cat $td/$fn.content-type`
          ri=`cat $td/$fn.rowid`
          # The listing goes to file descriptor 3 (presumably the debug
          # channel opened elsewhere -- confirm).
          err fn=$fn ct=$ct ri=$ri; ls -lF $td/ 1>&3
          iconhref $td/$fn "$hrfb+$ri" "$fn" "$fn"
        done)
        imgs=`echo "$imgs"|tr -d '\n'` # kill newlines for sed
      fi
    fi
    ### number=$((number+1))
    # reply="<input type=\"radio\" name=\"parent\" class=\"replybtn\" \
    # value=\"$number\">"
    # SQL fragment yielding "<user rowid>:<gecos or name>,[/a],"; $author is
    # interpolated three times inside single quotes without escaping.
    # NOTE(review): confirm account names cannot contain a quote character.
    getgecos="(select rowid from user where name='$author')||':'||\
coalesce((select val from user_s \
where name='$author' and key='gecos'), '$author')||',[/a],'"
    href="$myname?editart+$arid+$rowid"
    link="<a href=\"$href\">編集</a>"
    # sed turns the ,n, ,[/a], ,i, and ,e, markers from the query into
    # HTML. $imgs, $aid and $link are inserted as sed replacement text with
    # "|" as delimiter, so a "|", "&" or backslash inside them would be
    # interpreted by sed.
    # NOTE(review): $imgs is built from attachment file names via iconhref;
    # confirm that helper escapes them for HTML and for this sed step.
    cat<<EOF | sq -html $db \
      | sed -e "s|,n,\([0-9]*\):|,n,$hrefhome0+\1\">|" \
      -e 's|,\[/a\],|</a>|' \
      -e 's/,n,/<br>/g' -e "s|,i,|$imgs|" \
      -e "s|<TR>\(<TD>\)|<TR id=\"$aid\">\1|" \
      -e "s|^href=\([-A-Za-z0-9,.:/~_%#&+?]*\)|<a &>\1</a>|" \
      -e "s|\(<TR.*>\)\(<TD>\),e,|\1\2$link|"
select
coalesce((select ",e," from article where id='$aid' and author='$user'),"")
||
max(case key when 'ctime' then ",n,"||val||
",n,"||$getgecos end) as TIME,
-- max(case key when 'parent' then val||"への返信" end) as REPLYTO,
max(case key when 'text' then val||",i," end) as TEXT
from article_s where id = '$aid'
group by id order by TIME;
EOF
  done
  echo "</table>"
  # The form is printed only when blog_writable accepts $user. This only
  # hides the form; blog_reply in this file calls blog_writable again
  # before it stores a submitted text.
  blog_writable $rowid $user && cat<<EOF
<div class="blogcomment">
<p>コメント記入</p>
<input type="hidden" name="blogid" value="$id">
<input type="hidden" name="stage" value="replyblog">
<input type="hidden" name="serial" value="$serial">
$textform
</div>
EOF
  echo "</form>"
  # Record access log
  acclog blog $rowid
}
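lshandout() {
  # Print the "submission status" page for one thread: the table produced
  # by lshandoutsub is piped into m4, which reads it through the
  # syscmd(cat) definition of _FORM_ while expanding the layout files.
  # $1=rowid of blog
  # Globals read: layout.  Globals written: time, owner, title, ge.
  # Every expansion is quoted so that a value containing whitespace or glob
  # characters stays one argument (an owner with a space used to shift the
  # arguments of lshandoutsub).
  time=$(getvalbyid blog ctime "$1" | colrm 11)
  owner=$(getvalbyid blog owner "$1")
  title=$(getvalbyid blog title "$1")
  ge=$(gecos "$owner")
  # NOTE(review): m4 expands macros found in -D values, and syscmd is in use
  # here. $title and $ge are stored user text; they should be neutralised
  # for m4 before being passed as definitions -- not done in this function.
  lshandoutsub "$owner" "$@" \
    | m4 -D_TITLE_="提出状況" \
      -D_SUBTITLE_="$time [$title]@${ge:-$owner}" -D_DIARY_="" \
      -D_FORM_="syscmd(cat)" -D_BLOGS_= -D_DUMPTABLE_= \
      "$layout/html.m4.html" "$layout/diary.m4.html"
}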
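lshandoutsub() {
  # Print an HTML table counting, per member, the comments written and the
  # files attached in one thread.
  # $1=owner $2=rowid of blog
  # Globals read: db.  Globals written: sample, sql, hrb and the two
  # _ho_* helpers below.
  # Both arguments end up inside SQL text, so they are constrained first:
  # the rowid is cut at the first non-digit, and single quotes in the owner
  # name are doubled (the SQL string-literal escape).
  _ho_rowid=${2%%[!0-9]*}
  _ho_owner=$(printf '%s' "$1" | sed "s/'/''/g")
  if isgroup "$1"; then
    # Group thread: count over every member of the group.
    sample="(select user from grp_mem where gname='$_ho_owner')"
  else
    # Personal thread: only people who posted can be counted.
    sample="(select distinct author as user from arts)"
    echo "<p>(集計は板への投稿者のみ)</p>"
  fi
  sql="with arts as (select id,author from article \
    where blogid=(select id from blog where rowid=$_ho_rowid)) \
    select (select rowid from user where name=c0.user)||' '|| \
    coalesce((select val from user_s where name=c0.user \
    and key='gecos'), \
    c0.user) as 'メンバー', \
    sum(case when c1.key is not null then 1 else 0 end) \
    as 'コメント記入', \
    sum(case when c2.key is not null then 1 else 0 end) \
    as 'ファイルの提出' \
    from $sample c0 \
    left join (select id,author from arts) a \
    on c0.user=a.author \
    left join (select id,key from article_s where key='text') c1 \
    on a.id=c1.id left join (select id,key from article_m ) c2 \
    on c1.id=c2.id group by c0.user order by c0.user;"
  err ishandoutsub: sql="$sql"
  echo '<table class="b td2r td3r">'
  hrb="<a href=\"?home+"
  # First sed rule: the first cell is "<user rowid> <name>"; turn it into a
  # link to ?home+<rowid>. Second rule: mark zero counts with class "warn".
  printf '%s\n' "$sql" | sq -header -html $db \
    | sed -e "s,\(<TR><TD>\)\([^ ]*\) \(.*\)</TD>,\1$hrb\2\">\3</TD>," -e 's,<TD>0</TD>,<TD class="warn">0</TD>,'
  echo '</table>'
}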
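gethandout() {
  # Send every attachment of one thread that $user may read as a single
  # archive.tar.gz download (HTTP headers plus body on stdout). When nothing
  # is readable, an HTML message is printed instead.
  # $1=rowid of blog
  # Globals read: tmpd, user.  Globals written: i, bd, arc, _gh_blog.
  # The rowid is cut at the first non-digit before it reaches the SQL text.
  _gh_blog=${1%%[!0-9]*}
  i=0
  # NOTE(review): the directory name is derived from the PID only; this
  # relies on $tmpd being writable by this process alone -- confirm.
  bd=$tmpd/archive.$$
  mkdir "$bd"
  query "select m.rowid,author,m.val from article a join article_m m \
    on a.id=m.id where blogid=(select id from blog where rowid=$_gh_blog) \
    and m.key in ('image', 'document', 'binary');" \
    | while IFS='|' read -r rowid author filename; do
      # Per-file permission check; unreadable rows are skipped silently.
      isfilereadable "$user" article_m "$rowid" || continue
      # The stored name was chosen by the uploader. Keep only its last path
      # component so the file can only be created inside its own numbered
      # directory, and replace names that are empty or a dot entry.
      filename=${filename##*/}
      case "$filename" in
        '' | . | ..) filename=file.$rowid ;;
      esac
      i=$((i+1))
      dir=$(printf '%s/%03d' "$bd" "$i")
      mkdir "$dir" || continue
      query "select quote(bin) from article_m where rowid=$rowid;" \
        | unhexize > "$dir/$filename"
    done
  # The loop ran in a pipeline subshell, so $i is still 0 here; the presence
  # of the first numbered directory is the "anything extracted?" test.
  if [ ! -d "$bd/001" ]; then
    contenttype; echo
    echo "<p>取得できるファイルがありませんでした。</p>"
    return
  fi
  (
    # Never archive the previous working directory if the cd fails.
    cd "$bd" || exit
    err cdto$bd; (pwd; ls -lFa) 1>&3
    # Built under a dot name (not matched by *) and renamed when complete.
    tar zcf .archive.tar.gz * && mv .archive.tar.gz archive.tar.gz
  )
  arc=$bd/archive.tar.gz
  echo "Content-type: application/x-gzip"
  echo "Content-Length: $(wc -c < "$arc")"
  echo "Content-Disposition: filename=\"archive.tar.gz\""
  echo
  cat "$arc"
}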
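listblog() (
  # Print a keyword-search form followed by the table of threads owned by
  # the given user or group.
  # $1=user
  # Globals read: user.  Runs in a subshell, so cond and DT_CHLD are only
  # visible to the helpers called from here.
  # $1 is placed inside a single-quoted SQL literal; double any single quote
  # in it (the SQL string-literal escape) so it stays inside that literal.
  _lb_owner=$(printf '%s' "$1" | sed "s/'/''/g")
  cond="where a.id in (select id from blog_s where key='owner' and val='$_lb_owner') order by ctime desc"
  DT_CHLD=article:blogid
  cgi_form searchart<<EOF
<label>$(cgi_text kwd)という語を含む記事を検索</label>
$(cgi_hidden owner "$user")
EOF
  dumptable html blog 'ctime title heading' "$cond"
)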
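blog_addentry() {
  # Show the "new thread" form, or store a submitted one and jump to it.
  # $1=GRPname(if it is a group)
  # Form parameters read through getpar: rowid, title, owner, serial.
  # Globals read: user, formdir, layout.  Globals written: grprowid, rowid,
  # listing, guide, grp, GF_OWNER, owner, serial, id.
  grprowid=$1
  rowid=$(getpar rowid)
  err ba: rowid=$rowid
  #if [ -z "$rowid" ]; then
  # When rowid is SET, it is updation of existing entry
  if [ -z "$1" ]; then
    listing=$user guide="[個人]"
    # listing should be assigned even in the rowid case
  else
    grp=$(getgroupbyid "$grprowid")
    if [ -n "$grp" ]; then
      listing=$1 guide="[${grp}]" GF_OWNER=$grp
    else
      echo "<p>無効なグループ指定です。</p>"
      return
    fi
  fi
  #fi
  if [ -n "$(getpar title)" ]; then
    # Permission check on the submitted owner: a personal thread may only
    # be written by that user, a group thread only by a group member.
    # NOTE(review): an owner that is neither a user nor a group falls
    # through to par2table unchecked, and an update (rowid set) is not
    # compared with the stored owner here -- confirm par2table covers both.
    owner=$(getpar owner)
    if isuser "$owner"; then
      if [ x"$user" != x"$owner" ]; then
        echo "<p>他人の日記は書けません</p>"
        return
      fi
    elif isgroup "$owner"; then # if write to group log
      grp=$owner #`getpar grp`
      err ismember: $user $grp
      if ! ismember "$user" "$grp"; then
        echo "<p>(話題作成はこのグループに加入してから)</p>"
        return
      fi
    fi
    par2table "$formdir/blog.def"
    serial=$(getpar serial)
    err SERIAL: $serial ROWID=$rowid listing=$listing
    id=""
    # rowid and serial are request parameters that end up in SQL text:
    # the rowid is cut at the first non-digit, and single quotes in the
    # serial are doubled so it stays inside its string literal.
    if [ -n "$rowid" ]; then
      # Here, id becomes NULL when removal of entries at par2table
      _ba_rowid=${rowid%%[!0-9]*}
      if [ -n "$_ba_rowid" ]; then
        id=$(query "select rowid from blog where rowid=$_ba_rowid;")
      fi
    elif [ -n "$serial" ]; then
      # If new blog leader created, traverse to its head.
      _ba_serial=$(printf '%s' "$serial" | sed "s/'/''/g")
      id=$(query "select rowid from blog where id='$_ba_serial';")
    fi
    if [ -n "$id" ]; then
      ## If new aritcle is entered, JUMP to blog_reply
      blog_reply "$id"
      return
    fi
  fi
  # NOTE(review): m4 expands macros found in -D values; the listing and form
  # text passed here contain stored user text.
  m4 -D_TITLE_="${guide}新規話題作成" -D_DIARY_="新規話題の記入" \
    -D_SUBTITLE_="序文は簡単に詳しくはコメントに" \
    -D_BLOGS_="これまでの蓄積" \
    -D_FORM_="$(genform "$formdir/blog.def")" \
    -D_DUMPTABLE_="$(listblog "$listing")" \
    "$layout/html.m4.html" \
    "$layout/diary.m4.html"
}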
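blog_reply() {
  # Show one thread; when the request carries a "text" parameter, store it
  # as a reply first (only if blog_writable accepts $user) and notify.
  # $1=rowid of blog
  # Globals read: user, formdir, layout.  Globals written: rowid, title,
  # owner, subtitle, grprowid, text, def.
  rowid=$1
  err rowid=$1
  if [ -z "$rowid" ]; then
    echo "<p>表示する日記番号が未指定です。</p>"
    return
  fi
  title=$(getvalbyid blog title "$rowid")
  owner=$(getvalbyid blog owner "$rowid")
  if isuser "$owner"; then
    subtitle="$(gecos "$owner") さんの話題"
  else
    # The group name is compared as a single-quoted string literal with
    # quotes doubled. In double quotes SQLite would first try to read the
    # name as an identifier, so a group named like a column would match
    # every row.
    _br_owner=$(printf '%s' "$owner" | sed "s/'/''/g")
    grprowid=$(query "select rowid from grp where gname='$_br_owner';")
    # NOTE(review): $owner is written into HTML as stored; confirm group
    # names are restricted or escaped when created.
    subtitle="グループ <a href=\"?grp+$grprowid\">$owner</a> での話題"
  fi
  if [ -z "$title" ]; then
    echo "<p>日記番号指定が無効です。</p>"
    return
  fi
  text=$(getpar text)
  if [ -n "$text" ]; then
    # Quoted on purpose: the permission check must receive exactly the id
    # and the user; unquoted, whitespace in the id would shift what arrives
    # as the user argument.
    if blog_writable "$rowid" "$user"; then
      if par2table "$formdir/article.def"; then
        blog_notify_reply "$rowid" "$user" "$text"
      fi
    else
      title="$title(加入してないので書き込み不可)"
    fi
  fi
  def=$formdir/article.def
  # Layout up to and including the _DIARY_ line goes through m4, then the
  # thread itself, then the rest of the diary layout.
  # NOTE(review): m4 expands macros found in -D values; $title and
  # $subtitle contain stored user text.
  cat "$layout/html.m4.html" "$layout/diary.m4.html" \
    | sed '/_DIARY_/q' \
    | m4 -D_TITLE_="$title" -D_DIARY_="" -D_BODYCLASS_=general \
      -D_SUBTITLE_="$subtitle"
  blog_showentry blog "$rowid"
  sed '1,/_DIARY_/d' "$layout/diary.m4.html" | m4 -D_FORM_= -D_DUMPTABLE_=
}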