From 0c72d673a9056c753503e6b2a8d4fbf3aba75a95 Mon Sep 17 00:00:00 2001
From: Jesse Morgan <jesse@jesterpm.net>
Date: Wed, 25 May 2011 11:32:49 -0700
Subject: Moderation workflow is.. working

---
 design/database.sql                |  3 +-
 htdocs/css/main.css                | 12 +++++
 htdocs/index.php                   |  2 -
 htdocs/moderate/admin.css          | 95 ++++----------------------------------
 htdocs/moderate/index.php          | 18 +++-----
 htdocs/moderate/moderate.php       | 45 ++++++++++++++++++
 htdocs/moderate/src/footer.inc.php |  1 -
 htdocs/moderate/src/header.inc.php | 83 ++++++++++++++-------------------
 htdocs/new-post.php                | 26 ++++++++---
 htdocs/postings.php                | 16 ++++++-
 htdocs/src/Post.inc.php            |  4 ++
 htdocs/src/User.inc.php            |  4 ++
 htdocs/src/header.inc.php          |  5 +-
 13 files changed, 154 insertions(+), 160 deletions(-)
 create mode 100644 htdocs/moderate/moderate.php

diff --git a/design/database.sql b/design/database.sql
index 08bcc54..6bb34da 100644
--- a/design/database.sql
+++ b/design/database.sql
@@ -52,7 +52,8 @@ CREATE TABLE post (
     source_id   INTEGER     UNSIGNED NOT NULL,
     stage      ENUM('verification',
                     'moderation',
-                    'approved') NOT NULL DEFAULT 'verification',
+                    'approved',
+                    'rejected') NOT NULL DEFAULT 'verification',
 
     PRIMARY KEY(id),
     UNIQUE  KEY(secretid)
diff --git a/htdocs/css/main.css b/htdocs/css/main.css
index bc3157c..be823b3 100644
--- a/htdocs/css/main.css
+++ b/htdocs/css/main.css
@@ -117,3 +117,15 @@ body {
     padding: 0.5em;
     margin: 1em auto 1em auto;
 }
+
+.errorbox {
+    width: 80%;
+    border: #DD0000 solid 3px;
+    background: #FFBBBB;
+    padding: 0.5em;
+    margin: 1em 0 1em 0;
+}
+
+.errorbox p {
+    margin: 0;
+}
diff --git a/htdocs/index.php b/htdocs/index.php
index 6ac32ff..148cfd6 100644
--- a/htdocs/index.php
+++ b/htdocs/index.php
@@ -21,7 +21,6 @@ $posts->limit(5);
 $posts->query();
 
 if ($posts->valid()) {
-    for ($i = 0; $i < 10; $i++) { 
     foreach ($posts as $id => $post) {
         printf("<div class=\"post\"><p><a href=\"". $GLOBALS['CONFIG']['urlroot']
                 . "/postings/%s.html\">%s</a></p>"
@@ -30,7 +29,6 @@ if ($posts->valid()) {
                 
                 $id, $post->getName(), $post->getLocation(), $post->getAge());
     }
-    }
 
 } else {
     echo "<p>No recent posts.</p>";
diff --git a/htdocs/moderate/admin.css b/htdocs/moderate/admin.css
index 936c3ec..a1e7ed0 100644
--- a/htdocs/moderate/admin.css
+++ b/htdocs/moderate/admin.css
@@ -1,99 +1,20 @@
-body {
-    font-family: "Lucida Grande", "Lucida Sans", "Lucida", sans-serif;
-	font-size: 0.75em;
-    line-height: 1.5em;
-
-    margin-left: 10%;
-    margin-top: 5%;
-    width: 60%;
-}
-
 h1 {
-    font-size: 4em;
-    margin-bottom: 1.25em;
-}
-
-a, a:visited {
-    color: #1070c0;
-    text-decoration: none;
+    margin-left: 1em;
+    margin-bottom: 0;
 }
 
 #content {
-    width: 75%;
+    width: auto;
     padding-left: 3em;
-
 }
 
-#nav {
-    float: right;
+#modnav ul {
+    margin: 0;
+    padding: 0;
 }
 
-#nav ul {
-    padding-left: 1em;
+#modnav ul li {
     list-style: none;
-}
-
-#search {
-    float: right;
-    margin-top: -2em;
-}
-
-#listing {
-    margin-top: 1.5em;
-}
-
-#listing .header {
-    background: #555;
-    padding: 0.75em;
-    color: white;
-    font-weight: bold;
-    font-size: 120%;
-}
-
-#listing .row0, #listing .row1 {
-    border-top: solid thin #AAA;
-    padding: 0.75em;
-}
-
-#listing .row0 {
-}
-
-#listing .row1 {
-}
-
-#listing .col0 {
     display: inline-block;
-    width: 100px;
-    text-align: center;
-}
-
-
-.element input[type=text], .element input[type=password] {
-    width: 90%;
-    padding: .5em;
-}
-
-label {
-    font-weight: bold;
-}
-
-.element {
-    margin-bottom: 1.25em;
-}
-
-.buttons {
-    float: right;
-    margin-right: 10%;
-}
-
-div.error {
-    background: #FAA;
-    border: solid red 2px;
-    padding: 1.5em;
-    margin: 2em 0 2em 0;
-    width: 90%;
-}
-
-p {
-    margin: 0;
+    margin-right: 1em;
 }
diff --git a/htdocs/moderate/index.php b/htdocs/moderate/index.php
index 3c0c9ca..908c43b 100644
--- a/htdocs/moderate/index.php
+++ b/htdocs/moderate/index.php
@@ -10,17 +10,10 @@
 
 require_once('../src/base.inc.php');
 
-if (!isset($_SESSION['currentUser'])) {
-    header('Location: ' . $CONFIG['urlroot'].'/moderate/login.php');
-    exit();
-}
-
-require_once('header.inc.php');
+require_once('src/header.inc.php');
 
 ?>
 
-<h2>Welcome</h2>
-
 <?php
 
 // List posts to be approved
@@ -34,16 +27,19 @@ $posts->query();
 
 if ($posts->valid()) {
     foreach ($posts as $id => $post) {
-        printf("<div class=\"post\"><p><a href=\"preview/%s.html\">%s</a></p>"
+        printf("<div class=\"post\"><p><a href=\"%s/postings/%s.html?moderate\">%s</a></p>"
                 . "%s <a href=\"mailto:%s\">%s</a></div>",
 
-                $id, $post->getName(), $post->getCreated(), $post->getEmail(), $post->getEmail());
+                $GLOBALS['CONFIG']['urlroot'],
+                $id, $post->getName(),
+                $post->getCreated(),
+                $post->getEmail(), $post->getEmail());
     }
 
 } else {
     echo "<p>No posts awaiting approval</p>";
 }
 
-require_once('footer.inc.php');
+require_once('src/footer.inc.php');
 
 ?>
diff --git a/htdocs/moderate/moderate.php b/htdocs/moderate/moderate.php
new file mode 100644
index 0000000..0d3a67d
--- /dev/null
+++ b/htdocs/moderate/moderate.php
@@ -0,0 +1,45 @@
+<?php
+
+/* Foursquare Community Site
+ * 
+ * Copyright (C) 2011 Foursquare Church.
+ * 
+ * Developers: Jesse Morgan <jmorgan@foursquarestaff.com>
+ *
+ */
+
+require_once('../src/base.inc.php');
+
+if (!isset($_SESSION['currentUser'])) {
+    header('Location: ' . $CONFIG['urlroot'].'/moderate/login.php');
+    exit();
+}
+
+// If we have a valid id.
+if (isset($_GET['id']) and is_numeric($_GET['id'])) {
+
+    // Get the post.
+    $post = Post::getById($_GET['id']);
+
+    if ($post) {
+        // Accept or Reject.
+        if (isset($_GET['action'])) {
+            switch ($_GET['action']) {
+                case 'approve':
+                    $post->approve();
+                    break;
+
+                case 'reject':
+                    $post->reject();
+                    break;
+            }
+
+            $post->save();
+        }
+    }
+}
+
+// Redirect back to the moderation index.
+header('Location: ' . $CONFIG['urlroot'] . '/moderate');
+
+?>
diff --git a/htdocs/moderate/src/footer.inc.php b/htdocs/moderate/src/footer.inc.php
index 96d3e78..5b85fcc 100644
--- a/htdocs/moderate/src/footer.inc.php
+++ b/htdocs/moderate/src/footer.inc.php
@@ -1,4 +1,3 @@
-<?php /* $Id: footer.inc.php 134 2011-03-08 23:35:57Z jessemorgan $ */ ?>
 </div>
 
 
diff --git a/htdocs/moderate/src/header.inc.php b/htdocs/moderate/src/header.inc.php
index 4310009..fc8a06f 100644
--- a/htdocs/moderate/src/header.inc.php
+++ b/htdocs/moderate/src/header.inc.php
@@ -1,64 +1,51 @@
 <?php
-/* $Id: header.inc.php 151 2011-04-19 23:21:06Z jessemorgan $ */
 
-if (!isset($SESSION['currentUser']['id'])) {
-    if (isset($_POST['login_email']) and isset($_POST['login_password'])) {
-        $db = getDatabase();
-
-        $email = addslashes($_POST['login_email']);
-        $password = sha1($_POST['password']);
-
-        $query = "SELECT * FROM jpm_users WHERE `email`='$email' AND `password`='$password'";
-        $result = $db->fetchAssocRow($query);
-
-        if ($result) { 
-            $SESSION['currentUser'] = $result;
-        }
-    
-    }
+// Require Authentication
+if (!isset($_SESSION['currentUser'])) {
+    header('Location: ' . $CONFIG['urlroot'].'/moderate/login.php');
+    exit();
 }
 
 ?><!DOCTYPE html>
 <html>
 <head>
-    <link rel="stylesheet" type="text/css" href="<?= $CONFIG['siteroot']?>/admin/admin.css" />
-
-    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js"></script>
-    <script>
-        $(document).ready(function() {
-            $('a.delete').click(function() {
-                return confirm('Are you sure you want to delete this?');
-
-            });
-
-            $('a.delete img').hover(function() {
-                    $(this).attr('src', '<?= $CONFIG['siteroot'] ?>/admin/images/delete.png');
-                },
-                function() {
-                    $(this).attr('src', '<?= $CONFIG['siteroot'] ?>/admin/images/deletegray.png');
-                });
+    <title><?= $CONFIG['sitetitle'] ?> Moderation</title>
 
-        });
-    </script>
+    <link rel="stylesheet" href="<?= $CONFIG['urlroot'] ?>/css/main.css" />
+    <link rel="stylesheet" href="<?= $CONFIG['urlroot'] ?>/moderate/admin.css" />
 
 </head>
 <body>
+<div id="header">
+    <p><a href="<?= $CONFIG['urlroot'] ?>">
+        <img src="<?= $CONFIG['urlroot'] ?>/images/logo.png" 
+        alt="<?= $CONFIG['sitetitle'] ?>" /></a></p>
+
+    <div id="about">
+        Foursquare community is a place where you can find help,
+        sell merchandise, list events or even post your rental.
+        We want to build a help you get connected to the community of our church!
+    </div>
+</div>
 
-<h1><a href="<?= $CONFIG['siteroot']?>/admin/index.php">Foursquare Admin Panel</a></h1>
-<div id="nav">
-    <h2>Navigation</h2>
-    <ul>
-        <li><a href="<?= $CONFIG['siteroot']?>/admin/online-campus">Online Services</a>
-            <ul>
-            <li><a href="<?= $CONFIG['siteroot']?>/admin/online-campus/attendance">Online Attendance</a></li>
-            </ul>
-        </li>
+<h1><?= $CONFIG['sitetitle'] ?> Moderation</h1>
+
+<div id="content">
 
-        <li><a href="<?= $CONFIG['siteroot']?>/troubleshoot.php">Troubleshooting Page</a></li>
-        <li><a href="<?= $CONFIG['siteroot']?>/admin/accounts/">Accounts</a></li>
-        <li><a href="<?= $CONFIG['siteroot']?>/admin/changepassword.php">Change Password</a></li>
-        <li><a href="<?= $CONFIG['siteroot']?>/admin/login.php?logout">Logout</a></li>
+<div id="modnav">
+    <ul>
+        <li><a href="">Moderate Posts</a></li>
+        
+        <?php
+            // Admin Navigation
+            if ($_SESSION['currentUser']->isAdmin()) {
+                echo "<li><a href=\"". $CONFIG['urlroot'] ."/\">Pages</a></li>";
+                echo "<li><a href=\"". $CONFIG['urlroot'] ."/\">Users</a></li>";
+            }
+        ?>
+
+        <li><a href="">Account Settings</a></li>
+        <li><a href="">Logout</a></li>
     </ul>
 </div>
 
-<div id="content">
diff --git a/htdocs/new-post.php b/htdocs/new-post.php
index cef238e..3c2fe42 100644
--- a/htdocs/new-post.php
+++ b/htdocs/new-post.php
@@ -43,11 +43,16 @@ if (isset($_POST['category'])) {
         $error .= "<p>You must accept the terms of service.</p>";
     }
 
+    $category = Category::getByShortname(addslashes($values['category']));
+    if (!$category) {
+        $error .= "<p>Invalid category.</p>";
+    }
+
     if ($error == '') {
         $post = new Post();
 
         $post->setEmail($values['email']);
-        $post->setCategory($values['category']);
+        $post->setCategory($category->getId());
         $post->setName($values['title']);
         $post->setDescription($values['description']);
 
@@ -75,26 +80,33 @@ require_once "src/footer.inc.php";
 
 
 function render_form($error="") {
+    global $values;
+
     if ($error != '') {
-        echo "<div class=\"error\">$error</div>";
+        echo "<div class=\"errorbox\">$error</div>";
     }
 
     echo "<form action=\"new-post.php\" method=\"post\">";
     echo "<p><label>Category: <select name=\"category\">";
     foreach (Category::getCategories() as $short => $name) {
-        echo "<option name=\"$short\">$name</option>";
+        if (isset($_POST['category']) and $_POST['category'] == $short) {
+            echo "<option name=\"$short\" selected=\"selected\">$name</option>";
+
+        } else {
+            echo "<option name=\"$short\">$name</option>";
+        }
     }
     echo "</select></label</p>";
 
-    echo "<p><label>Title: <input type=\"text\" name=\"title\" /></label></p>";
+    echo "<p><label>Title: <input type=\"text\" name=\"title\" value=\"${values[title]}\" /></label></p>";
 
     echo "<p><label for=\"desc\">Description:</label></p>";
     echo "<p><textarea name=\"description\" id=\"desc\" rows=\"10\""
-            . " cols=\"80\"></textarea></p>";
+            . " cols=\"80\">${values[description]}</textarea></p>";
 
-    echo "<p><label>Email Address: <input type=\"text\" name=\"email\" />"
+    echo "<p><label>Email Address: <input type=\"text\" name=\"email\" value=\"${values[email]}\" />"
             . "</label></p>";
-    echo "<p><label>Confirm Email: <input type=\"text\" name=\"email2\" />"
+    echo "<p><label>Confirm Email: <input type=\"text\" name=\"email2\" value=\"${values[email2]}\" />"
             . "</label></p>";
 
     // TODO: Link to terms of service.
diff --git a/htdocs/postings.php b/htdocs/postings.php
index e43f24e..5c3dd55 100644
--- a/htdocs/postings.php
+++ b/htdocs/postings.php
@@ -28,10 +28,24 @@ if (!is_numeric($id)) {
 // Get the post.
 $post = Post::getById($id);
 
-if (!$post or $post->getStage() != 'approved') {
+if (!$post or (!isset($_GET['moderate']) and $post->getStage() != 'approved')) {
     errorNotFound();
 }
 
+if (isset($_GET['moderate'])) {
+    if (!isset($_SESSION['currentUser'])) {
+        header('Location: ' . $CONFIG['urlroot'].'/moderate/login.php');
+        exit();
+    }
+    echo "<div class=\"moderationbox\">You are moderating this post: ";
+    printf("<a href=\"../moderate/moderate.php?id=%s&action=approve\">Approve</a> "
+        . "<a href=\"../moderate/moderate.php?id=%s&action=reject\">Reject</a>",
+        $post->getId(), $post->getId());
+    echo "<p><a href=\"../moderate/index.php\">Return to moderation</a></p>";
+    echo "</div>";
+
+}
+
 // Display the post.
 
 echo "<h2>". $post->getName() ."</h2>";
diff --git a/htdocs/src/Post.inc.php b/htdocs/src/Post.inc.php
index 820ca97..8c936d9 100644
--- a/htdocs/src/Post.inc.php
+++ b/htdocs/src/Post.inc.php
@@ -128,6 +128,10 @@ class Post {
         }
     }
 
+    public function reject() {
+        $this->info['stage'] = 'rejected';
+    }
+
     public function getCreated() {
         return $this->info['created'];
     }
diff --git a/htdocs/src/User.inc.php b/htdocs/src/User.inc.php
index 6821042..6ad5ebb 100644
--- a/htdocs/src/User.inc.php
+++ b/htdocs/src/User.inc.php
@@ -69,6 +69,10 @@ class User {
     public function authenticate($password) {
         return sha1($password) == $this->info['password'];
     }
+
+    public function isAdmin() {
+        return $this->info['admin'] == 1;
+    }
 }
 
 ?>
diff --git a/htdocs/src/header.inc.php b/htdocs/src/header.inc.php
index f6c5eb8..3d7f4b0 100644
--- a/htdocs/src/header.inc.php
+++ b/htdocs/src/header.inc.php
@@ -8,8 +8,9 @@
 </head>
 <body>
 <div id="header">
-    <p><img src="<?= $CONFIG['urlroot'] ?>/images/logo.png" 
-        alt="<?= $CONFIG['sitetitle'] ?>" /></p>
+    <p><a href="<?= $CONFIG['urlroot'] ?>">
+        <img src="<?= $CONFIG['urlroot'] ?>/images/logo.png" 
+        alt="<?= $CONFIG['sitetitle'] ?>" /></a></p>
 
     <div id="about">
         Foursquare community is a place where you can find help,
-- 
cgit v1.2.3