Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Do not show posts that are awaiting moderation to users without moderator privilege unless they are the same user that generated the post in the first place. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
16c42a08084c2f996a222d795766020d |
User & Date: | drh 2018-08-16 16:45:10 |
Original Comment: | Do not posts that are awaiting moderation to users without moderator privilege unless they are the same user that generated the post in the first place. |
Context
2018-08-16
| ||
18:56 | For email notifications abound events from a single user (such as individual forum post notifications) make the From: address be a "noreply" hash based on the users human-readable name or handle. Always include a Return-Path: field in the header that is the email-self setting, to be used by MTUs that need to bounce the message. check-in: 475c9d11 user: drh tags: trunk | |
16:45 | Do not show posts that are awaiting moderation to users without moderator privilege unless they are the same user that generated the post in the first place. check-in: 16c42a08 user: drh tags: trunk | |
16:26 | Update the built-in SQLite to the latest trunk version which includes the fix for EXPLAIN QUERY PLAN for the query that runs the /forum page. check-in: f8994f89 user: drh tags: trunk | |
Changes
Changes to src/forum.c.
270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 ... 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 ... 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 ... 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 |
/* ** Display all posts in a forum thread in chronological order */ static void forum_display_chronological(int froot, int target){ ForumThread *pThread = forumthread_create(froot, 0); ForumEntry *p; for(p=pThread->pFirst; p; p=p->pNext){ char *zDate; Manifest *pPost; pPost = manifest_get(p->fpid, CFTYPE_FORUM, 0); if( pPost==0 ) continue; if( p->fpid==target ){ @ <div id="forum%d(p->fpid)" class="forumTime forumSel"> }else if( p->pLeaf!=0 ){ @ <div id="forum%d(p->fpid)" class="forumTime forumObs"> ................................................................................ if( g.perm.Debug ){ @ <span class="debug">\ @ <a href="%R/artifact/%h(p->zUuid)">artifact</a></span> } if( p->fpid!=target ){ @ %z(href("%R/forumpost/%S?t",p->zUuid))[link]</a> } forum_render(0, pPost->zMimetype, pPost->zWiki, 0); if( g.perm.WrForum && p->pLeaf==0 ){ int sameUser = login_is_individual() && fossil_strcmp(pPost->zUser, g.zLogin)==0; int isPrivate = content_is_private(p->fpid); @ <p><form action="%R/forumedit" method="POST"> @ <input type="hidden" name="fpid" value="%s(p->zUuid)"> if( !isPrivate ){ /* Reply and Edit are only available if the post has already ** been approved */ @ <input type="submit" name="reply" value="Reply"> if( g.perm.Admin || sameUser ){ ................................................................................ ForumThread *pThread; ForumEntry *p; Manifest *pPost, *pOPost; int fpid; const char *zUuid; char *zDate; const char *zSel; pThread = forumthread_create(froot, 1); for(p=pThread->pFirst; p; p=p->pNext){ if( p->fpid==target ){ while( p->pEdit ) p = p->pEdit; target = p->fpid; break; } } for(p=pThread->pDisplay; p; p=p->pDisplay){ pOPost = manifest_get(p->fpid, CFTYPE_FORUM, 0); if( p->pLeaf ){ fpid = p->pLeaf->fpid; zUuid = p->pLeaf->zUuid; pPost = manifest_get(fpid, CFTYPE_FORUM, 0); }else{ fpid = p->fpid; ................................................................................ @ <a href="%R/artifact/%h(p->pLeaf->zUuid)">(%d(fpid))</a></span> } manifest_destroy(pOPost); } if( fpid!=target ){ @ %z(href("%R/forumpost/%S",zUuid))[link]</a> } forum_render(0, pPost->zMimetype, pPost->zWiki, 0); if( g.perm.WrForum ){ int sameUser = login_is_individual() && fossil_strcmp(pPost->zUser, g.zLogin)==0; int isPrivate = content_is_private(fpid); @ <p><form action="%R/forumedit" method="POST"> @ <input type="hidden" name="fpid" value="%s(zUuid)"> if( !isPrivate ){ /* Reply and Edit are only available if the post has already ** been approved */ @ <input type="submit" name="reply" value="Reply"> if( g.perm.Admin || sameUser ){ |
> > > > > > > > | > < > > > > > > > > | > < < < |
270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 ... 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 ... 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 ... 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 |
/* ** Display all posts in a forum thread in chronological order */ static void forum_display_chronological(int froot, int target){ ForumThread *pThread = forumthread_create(froot, 0); ForumEntry *p; int notAnon = login_is_individual(); for(p=pThread->pFirst; p; p=p->pNext){ char *zDate; Manifest *pPost; int isPrivate; /* True for posts awaiting moderation */ int sameUser; /* True if author is also the reader */ pPost = manifest_get(p->fpid, CFTYPE_FORUM, 0); if( pPost==0 ) continue; if( p->fpid==target ){ @ <div id="forum%d(p->fpid)" class="forumTime forumSel"> }else if( p->pLeaf!=0 ){ @ <div id="forum%d(p->fpid)" class="forumTime forumObs"> ................................................................................ if( g.perm.Debug ){ @ <span class="debug">\ @ <a href="%R/artifact/%h(p->zUuid)">artifact</a></span> } if( p->fpid!=target ){ @ %z(href("%R/forumpost/%S?t",p->zUuid))[link]</a> } isPrivate = content_is_private(p->fpid); sameUser = notAnon && fossil_strcmp(pPost->zUser, g.zLogin)==0; if( isPrivate && !g.perm.ModForum && !sameUser ){ @ <p><span class="modpending">Awaiting Moderator Approval</span></p> }else{ forum_render(0, pPost->zMimetype, pPost->zWiki, 0); } if( g.perm.WrForum && p->pLeaf==0 ){ int sameUser = login_is_individual() && fossil_strcmp(pPost->zUser, g.zLogin)==0; @ <p><form action="%R/forumedit" method="POST"> @ <input type="hidden" name="fpid" value="%s(p->zUuid)"> if( !isPrivate ){ /* Reply and Edit are only available if the post has already ** been approved */ @ <input type="submit" name="reply" value="Reply"> if( g.perm.Admin || sameUser ){ ................................................................................ ForumThread *pThread; ForumEntry *p; Manifest *pPost, *pOPost; int fpid; const char *zUuid; char *zDate; const char *zSel; int notAnon = login_is_individual(); pThread = forumthread_create(froot, 1); for(p=pThread->pFirst; p; p=p->pNext){ if( p->fpid==target ){ while( p->pEdit ) p = p->pEdit; target = p->fpid; break; } } for(p=pThread->pDisplay; p; p=p->pDisplay){ int isPrivate; /* True for posts awaiting moderation */ int sameUser; /* True if reader is also the poster */ pOPost = manifest_get(p->fpid, CFTYPE_FORUM, 0); if( p->pLeaf ){ fpid = p->pLeaf->fpid; zUuid = p->pLeaf->zUuid; pPost = manifest_get(fpid, CFTYPE_FORUM, 0); }else{ fpid = p->fpid; ................................................................................ @ <a href="%R/artifact/%h(p->pLeaf->zUuid)">(%d(fpid))</a></span> } manifest_destroy(pOPost); } if( fpid!=target ){ @ %z(href("%R/forumpost/%S",zUuid))[link]</a> } isPrivate = content_is_private(fpid); sameUser = notAnon && fossil_strcmp(pPost->zUser, g.zLogin)==0; if( isPrivate && !g.perm.ModForum && !sameUser ){ @ <p><span class="modpending">Awaiting Moderator Approval</span></p> }else{ forum_render(0, pPost->zMimetype, pPost->zWiki, 0); } if( g.perm.WrForum ){ @ <p><form action="%R/forumedit" method="POST"> @ <input type="hidden" name="fpid" value="%s(zUuid)"> if( !isPrivate ){ /* Reply and Edit are only available if the post has already ** been approved */ @ <input type="submit" name="reply" value="Reply"> if( g.perm.Admin || sameUser ){ |