File Coverage

blib/lib/Labyrinth/Plugin/Guestbook.pm

Criterion	Covered	Total	%
statement	12	12	100.0
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	16	16	100.0

line	stmt	sub	time	code
1				package Labyrinth::Plugin::Guestbook;
2
3	5	5	89413	use warnings;
	5		9
	5		201
4	5	5	28	use strict;
	5		7
	5		177
5
6	5	5	22	use vars qw($VERSION);
	5		13
	5		324
7
8				$VERSION = '1.05';
9
10				=head1 NAME
11
12				Labyrinth::Plugin::Guestbook - Guestbook plugin handler for Labyrinth
13
14				=head1 DESCRIPTION
15
16				Contains all the Guestbook handling functionality for the Labyrinth Web
17				Framework.
18
19				=cut
20
21				#----------------------------------------------------------------------------
22				# Libraries
23
24	5	5	25	use base qw(Labyrinth::Plugin::Base);
	5		15
	5		5133
25
26				use Data::Pageset;
27
28				use Labyrinth::Audit;
29				use Labyrinth::DTUtils;
30				use Labyrinth::IPAddr;
31				use Labyrinth::MLUtils;
32				use Labyrinth::Support;
33				use Labyrinth::Variables;
34				use Labyrinth::Plugin::Hits;
35
36				#----------------------------------------------------------------------------
37				# Variables
38
39				use vars qw(%fields @mandatory @allfields);
40
41				# type: 0 = optional, 1 = mandatory
42				# html: 0 = none, 1 = text, 2 = textarea
43
44				%fields = (
45				realname => { type => 1, html => 1 },
46				email => { type => 0, html => 1 },
47				city => { type => 0, html => 1 },
48				country => { type => 0, html => 1 },
49				url => { type => 0, html => 1 },
50				guestpass => { type => 0, html => 1 },
51				comments => { type => 1, html => 1 },
52				);
53
54				for(keys %fields) {
55				push @mandatory, $_ if($fields{$_}->{type});
56				push @allfields, $_;
57				}
58
59				my $hits = Labyrinth::Plugin::Hits->new();
60
61				#----------------------------------------------------------------------------
62				# Public Interface Functions
63
64				sub Read {
65				my $stop = 10;
66				my $page = $cgiparams{page} \|\| 1;
67				my $from = (($page - 1) * $stop) + 1;
68				my @rows = $dbi->GetQuery('array','CountGuestbook');
69				my $max = $rows[0]->[0];
70
71				my $info = Data::Pageset->new({
72				'total_entries' => $max,
73				'entries_per_page' => $stop,
74				'current_page' => $page,
75				'pages_per_set' => $stop}
76				);
77
78				$tvars{first} = $info->first_page;
79				$tvars{last} = $info->last_page;
80				$tvars{next} = $info->next_page;
81				$tvars{prev} = $info->previous_page;
82				$tvars{page} = $page;
83
84				# Print the page numbers of the current set
85				my @pages = (@{$info->pages_in_set()});
86				$tvars{pages} = \@pages if(@pages);
87				@rows = ();
88				my $next = $dbi->Iterator('hash','ListGuestbook');
89				while(@rows < $stop && (my $row = $next->())) {
90				next if(--$from > 0);
91				$row->{postdate} = formatDate(7,$row->{createdate});
92				push @rows, $row
93				}
94				$tvars{data} = \@rows if(@rows);
95				}
96
97				sub Save {
98				my $check = CheckIP();
99				if( $check == BLOCK
100				\|\| $cgiparams{typekey}
101				\|\| !$cgiparams{loopback}
102				\|\| $cgiparams{loopback} ne $settings{ipaddr}) {
103				$tvars{thanks} = 3;
104				return;
105				}
106				$cgiparams{publish} = $check == ALLOW ? 3 : 2;
107				# Strip out HTML unless we are allowing it. The process_html
108				# sub should take care of everything.
109				for(keys %fields) {
110				if($fields{$_}->{html} == 1) { $cgiparams{$_} = CleanHTML($cgiparams{$_}); }
111				elsif($fields{$_}->{html} == 2) { $cgiparams{$_} = SafeHTML($cgiparams{$_}); }
112				}
113				#$cgiparams{comments} = LinkSpam($cgiparams{comments});
114				# $cgiparams{guestpass} = '' unless(lc($cgiparams{guestpass}) eq 'rubery');
115				return if FieldCheck(\@allfields,\@mandatory);
116
117				$tvars{data}->{'url'} = '';
118				$tvars{data}->{email} = '';
119				my @fields = (
120				$tvars{data}->{realname},
121				$tvars{data}->{email},
122				$tvars{data}->{url},
123				$tvars{data}->{city},
124				$tvars{data}->{country},
125				$tvars{data}->{comments},
126				time(),
127				$tvars{data}->{publish},
128				$settings{ipaddr}
129				);
130				$dbi->DoQuery('SaveGuestbook',@fields);
131				$hits->SetUpdates('guest',0);
132				$tvars{thanks} = 1;
133				}
134
135				#----------------------------------------------------------------------------
136				# Admistration Interface Functions
137
138				sub List {
139				return unless AccessUser(EDITOR);
140				my @rs = $dbi->GetQuery('hash','ListAllGuestbook');
141				foreach my $row (@rs) {
142				$row->{createdate} = formatDate(18,$row->{createdate});
143				if(length($row->{comments}) > 100) {
144				$row->{comments} = substr($row->{comments},0,97);
145				$row->{comments} .= '...';
146				}
147				}
148				if(@rs) {
149				$tvars{records} = \@rs;
150				$tvars{count} = scalar(@rs);
151				} else {
152				$tvars{count} = 0;
153				}
154				}
155
156				sub MultiBlock {
157				return unless AccessUser(ADMIN);
158				return unless($cgiparams{pattern});
159
160				my @ids;
161				my @rs = $dbi->GetQuery('hash','GetGuestbookByText','%'.$cgiparams{pattern}.'%');
162				for my $rs (@rs) {
163				BlockIP($rs->{author},$rs->{ipaddr});
164				push @ids, $rs->{'entryid'};
165				LogDebug('MultiBlock:' . scalar(@ids));
166				}
167				$dbi->DoQuery('DeleteGuestbook',{ids => join(',',@ids)}) if(@ids);
168				$tvars{thanks} = 1;
169				}
170
171				sub Block {
172				return unless AccessUser(ADMIN);
173				return unless AuthorCheck('GetGuestbookByID','entryid',ADMIN);
174				BlockIP($tvars{data}->{author},$tvars{data}->{ipaddr});
175				my @rows = $dbi->GetQuery('hash','GetGuestbookByIP',$tvars{data}->{ipaddr});
176				return unless(@rows);
177				my @ids = map {$_->{'entryid'}} @rows;
178				$dbi->DoQuery('DeleteGuestbook',{ids => join(',',@ids)});
179				$tvars{thanks} = 1;
180				}
181
182				sub Allow {
183				return unless AccessUser(ADMIN);
184				return unless AuthorCheck('GetGuestbookByID','entryid',ADMIN);
185				AllowIP($tvars{data}->{author},$tvars{data}->{ipaddr});
186				my @rows = $dbi->GetQuery('hash','GetGuestbookByIP',$tvars{data}->{ipaddr});
187				return unless(@rows);
188				my @ids = map {$_->{'entryid'}} @rows;
189				$dbi->DoQuery('AcceptGuestbook',{ids => join(',',@ids)});
190				$tvars{thanks} = 2;
191				}
192
193				sub Approve {
194				return unless AccessUser(ADMIN);
195				my @ids = ($cgiparams{entryid});
196				return unless(@ids);
197				$dbi->DoQuery('AcceptGuestbook',{ids => join(',',@ids)});
198				$tvars{thanks} = 3;
199				}
200
201				sub Delete {
202				return unless AccessUser(ADMIN);
203				my @ids = ($cgiparams{entryid});
204				return unless(@ids);
205				$dbi->DoQuery('DeleteGuestbook',{ids => join(',',@ids)});
206				$tvars{thanks} = 4;
207				}
208
209				sub Edit {
210				return unless AccessUser(EDITOR);
211				return unless AuthorCheck('GetGuestbookByID','entryid',EDITOR);
212				}
213
214				sub Update {
215				return unless AccessUser(EDITOR);
216				return unless AuthorCheck('GetGuestbookByID','entryid',EDITOR);
217
218				# Strip out HTML unless we are allowing it. The process_html
219				# sub should take care of everything.
220				for(keys %fields) {
221				if($fields{$_}->{html} == 1) { $cgiparams{$_} = CleanHTML($cgiparams{$_}); }
222				elsif($fields{$_}->{html} == 2) { $cgiparams{$_} = SafeHTML($cgiparams{$_}); }
223				}
224				#$cgiparams{comments} = LinkSpam($cgiparams{comments});
225				return if FieldCheck(\@allfields,\@mandatory);
226
227				$tvars{data}->{'url'} = '';
228				$tvars{data}->{email} = '';
229				$dbi->DoQuery(
230				'UpdateGuestbook',
231				$tvars{data}->{realname},
232				$tvars{data}->{email},
233				$tvars{data}->{url},
234				$tvars{data}->{city},
235				$tvars{data}->{country},
236				$tvars{data}->{comments},
237				$cgiparams{entryid});
238				$tvars{thanks} = 1;
239				}
240
241				1;
242
243				__END__