1 Topic by guardian34 (edited by guardian34 2006-06-11 15:18)

  • Registered: 2006-06-05
  • Posts: 410

Topic: AP_Post_Author_Update

My first attempt at a PunBB plugin? it modifies the author (poster and poster_id) for a given post (id).

<?php
/***********************************************************************

  Copyright (C) 2006  guardian34 (publicbox@fmguy.com)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/

// Make sure no one attempts to run this script "directly"
if (!defined('PUN'))
    exit;

// Tell admin_loader.php that this is indeed a plugin and that it is loaded
define('PUN_PLUGIN_LOADED', 1);

if (isset($_POST['update']))
{
    // Make sure post id was entered
    if (trim($_POST['id_post']) == '')
        message('You didn\'t enter a post id!');

    // Make sure user id was entered
    if (trim($_POST['id_user']) == '')
        message('You didn\'t enter an user id!');

    // Check for valid post id
    $result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE id = '.$_POST['id_post']);
    $result = $db->fetch_assoc($result);
    if (!$result['id'])
        message('Post id '.$_POST['id_user'].' wasn\'t found.');

    // Check for valid user id and get new username
    $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id = '.$_POST['id_user']);
    $result = $db->fetch_assoc($result);
    if (!$result['username'])
        message('User id '.$_POST['id_user'].' wasn\'t found.');

    // Update post
    $db->query('UPDATE '.$db->prefix.'posts SET '.
        'poster=\''.$result['username'].'\', '.
        'poster_id='.$_POST['id_user'].' WHERE id = '.$_POST['id_post']);

    // Display the admin navigation menu
    generate_admin_menu($plugin);
?>
    <div class="block">
        <h2><span>Post Author Update - v1.0</span></h2>
        <div class="box">
            <div class="inbox">
                <p>This plugin modifies the author (poster and poster_id) for a given post (id).</p>
            </div>
        </div>
    </div>
        
    <div class="block">
        <h2 class="block2"><span>Result</span></h2>
        <div class="box">
            <div class="inbox">
                <p>The update was successful. 
                    (Post: <a href="viewtopic.php?pid=<?php echo $_POST['id_post'] ?>"><?php echo $_POST['id_post']; ?></a>;
                     User: <a href="profile.php?id=<?php echo $_POST['id_user']; ?>"><?php echo $_POST['id_user']; ?></a>)</p>
            </div>
        </div>
    </div>
<?php
}
else
{
    // Display the admin navigation menu
    generate_admin_menu($plugin);
?>
    <div class="block">
        <h2><span>Post Author Update - v1.0</span></h2>
        <div class="box">
            <div class="inbox">
                <p>This plugin modifies the author (poster and poster_id) for a given post (id).</p>
            </div>
        </div>
    </div>
        
    <div class="blockform">
        <h2 class="block2"><span>Input</span></h2>
        <div class="box">
            <form method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
                <div class="inform">
                    <fieldset>
                        <legend>IDs</legend>
                        <div class="infldset">
                            <table class="aligntop" cellspacing="0">
                                <tr>
                                    <th scope="row">Post ID:</th>
                                    <td><input type="text" name="id_post" size="16" /></td>
                                </tr>
                                <tr>
                                    <th scope="row">User ID:</th>
                                    <td><input type="text" name="id_user" size="16" /></td>
                                </tr>
                            </table>
                        </div>
                    </fieldset>
                </div>
            <p class="submitend"><input type="submit" name="update" value="Update" /></p>
            </form>
        </div>
    </div>
<?php
}
// Note that the script just ends here. The footer will be included by admin_loader.php.
?>

Being fairly new to both PHP and PunBB, I have a couple of concerns. First, should the input be run through any filtering? Second, can I use the UPDATE query result to determine if the post id is valid?

  • Smartys
  • Former PunBB Developer
  • Offline
  • Registered: 2004-04-30
  • Posts: 7,844

Re: AP_Post_Author_Update

First, should the input be run through any filtering?

Yes, all values that should be numbers should have intval run on them and all strings should have $db->escape run on them

Second, can I use the UPDATE query result to determine if the post id is valid?

Kind of, I believe you can use $db->affected_rows the same way you would use $db->num_rows (which you really should be using rather than using $db->fetch_assoc and then checking the data from that)

3 Reply by guardian34 (edited by guardian34 2006-06-11 20:11)

  • Registered: 2006-06-05
  • Posts: 410

Re: AP_Post_Author_Update

Smartys wrote:

Yes, all values that should be numbers should have intval run on them and all strings should have $db->escape run on them

Done, thanks.

Kind of, I believe you can use $db->affected_rows

That always returns 0. Edit: Nevermind, mistake on my part.

Does this look better?

    // Make sure post id was entered
    if (trim($_POST['id_post']) == '')
        message('You didn\'t enter a post id!');

    // Make sure user id was entered
    if (trim($_POST['id_user']) == '')
        message('You didn\'t enter an user id!');

    $_POST['id_post'] = intval($_POST['id_post']);
    $_POST['id_user'] = intval($_POST['id_user']);

    // Check for valid user id and get new username
    $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id = '.$_POST['id_user']);
    $result = $db->result($result, 0, 0);
    if ($result == '')
        message('User id '.$_POST['id_user'].' wasn\'t found.');

    // Update post!
    $db->query('UPDATE '.$db->prefix.'posts SET '.'poster=\''.$result.'\', '.'poster_id='.$_POST['id_user'].' WHERE id = '.$_POST['id_post']);
    if ($db->affected_rows() < 1)
        $result = 'No updates were made.';
    else
        $result = 'The update was successful. '.
            '(Post: <a href="viewtopic.php?pid='.$_POST['id_post'].'">'.$_POST['id_post'].'</a>;'.
            ' User: <a href="profile.php?id='.$_POST['id_user'].'">'.$_POST['id_user'].'</a>)';

    // Display the admin navigation menu
  • Registered: 2006-06-05
  • Posts: 410

Re: AP_Post_Author_Update

FYI, I realized that I may also need to update information for the topic author or last poster.

  • Smartys
  • Former PunBB Developer
  • Offline
  • Registered: 2004-04-30
  • Posts: 7,844

Re: AP_Post_Author_Update

Personally, I'd store the post values in their own variables (that have been properly intval'ed) just to make writing the stuff easier later
ie:

$post_id = intval($_POST['id_post']);

Also

$result = $db->result($result, 0, 0);

The function takes only 2 parameters

  • Registered: 2006-06-05
  • Posts: 410

Re: AP_Post_Author_Update

Smartys wrote:

The function takes only 2 parameters

I thought it took three, but I realized that two should work.

Now I'm trying to check if the topic author needs to be updated.

  • From: Leuven, Belgium
  • Registered: 2005-06-14
  • Posts: 2,653

Re: AP_Post_Author_Update

function result($query_id = 0, $row = 0)
    {
        return ($query_id) ? @mysql_result($query_id, $row) : false;
    }

It takes two.

  • Registered: 2006-06-05
  • Posts: 410

Re: AP_Post_Author_Update

This works for me on one installation but not another. Any thoughts?

if (isset($_POST['up_poster']))
{
    $result = $db->query('UPDATE '.$db->prefix.'topics SET poster = \''.$new_user.'\' WHERE id = '.
        '(SELECT topic_id FROM '.$db->prefix.'posts WHERE id = '.$post_id.')');
    if ($db->affected_rows() < 1)
        $results .= 'The topic poster was <b>not</b> updated.<br />';
    else
        $results .= 'The topic poster was updated successfully.<br />';
}
  • Smartys
  • Former PunBB Developer
  • Offline
  • Registered: 2004-04-30
  • Posts: 7,844

Re: AP_Post_Author_Update

Subselects are supported in MySQL 4.1 and greater?

10 Reply by guardian34 (edited by guardian34 2006-06-15 17:32)

  • Registered: 2006-06-05
  • Posts: 410

Re: AP_Post_Author_Update

Smartys wrote:

Subselects are supported in MySQL 4.1 and greater?

The other installation uses MySQL 4.0.*. hmm

Thanks, Smartys.

Edit: Now everything seems to be updated expect for the index page?

  • Smartys
  • Former PunBB Developer
  • Offline
  • Registered: 2004-04-30
  • Posts: 7,844

Re: AP_Post_Author_Update

Look at the update_forum function

12 Reply by guardian34 (edited by guardian34 2006-07-11 03:41)

  • Registered: 2006-06-05
  • Posts: 410

Re: AP_Post_Author_Update

Version 1.2:

<?php
/***********************************************************************

  Copyright (C) 2006  guardian34 (publicbox@fmguy.com)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/


// Make sure no one attempts to run this script "directly"
if (!defined('PUN'))
    exit;

// Tell admin_loader.php that this is indeed a plugin and that it is loaded
define('PUN_PLUGIN_LOADED', 1);

if (isset($_POST['update']))
{
    // Make sure post id was entered
    if (trim($_POST['post_id']) == '')
        message('You didn\'t enter a post id!');

    // Make sure user id was entered
    if (trim($_POST['user_id']) == '')
        message('You didn\'t specifiy an user!');

    $post_id = intval($_POST['post_id']);
    $user_id = intval($_POST['user_id']);

    // Get username
    $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch username', __FILE__, __LINE__, $db->error());
    $username = $db->result($result);

    // Get topic id
    $result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
    $topic_id = $db->result($result);

    // Get topic post id
    $result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id.' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
    $topic_post_id = $db->result($result);
    
    
    // Update post
    $db->query('UPDATE '.$db->prefix.'posts SET poster=\''.$username.'\', '.'poster_id='.$user_id.' WHERE id = '.$post_id);
    if ($db->affected_rows() < 1)
        $msg = 'The post author was <b>not</b> updated.<br />'."\n\t\t\t\t";
    else
        $msg = 'The post author was updated successfully. '.
            '(Post: <a href="viewtopic.php?pid='.$post_id.'#p'.$user_id.'">'.$post_id.'</a>;'.
            ' User: <a href="profile.php?id='.$user_id.'">'.$username.'</a>)<br />'."\n\t\t\t\t";

    // Try to update "topic post"
    if ($post_id == $topic_post_id)
        $db->query('UPDATE '.$db->prefix.'topics SET poster = \''.$username.'\' WHERE id = '.$topic_id);

    // Try to update last_poster
    $db->query('UPDATE '.$db->prefix.'topics SET last_poster = \''.$username.'\' WHERE last_post_id = '.$post_id);
    
    // Update forum
    $result = $db->query('SELECT forum_id FROM '.$db->prefix.'topics WHERE id = '.$topic_id);
    update_forum($db->result($result, 0));


    // Display the admin navigation menu
    generate_admin_menu($plugin);
?>
    <div class="block">
        <h2><span>Post Author Update - v1.2</span></h2>
        <div class="box">
            <div class="inbox">
                <p>This plugin modifies a post's author.</p>
            </div>
        </div>
    </div>
        
    <div class="block">
        <h2 class="block2"><span>Result</span></h2>
        <div class="box">
            <div class="inbox">
                <p><?php echo $msg; ?></p>
            </div>
        </div>
    </div>
<?php
}
else
{
    // Display the admin navigation menu
    generate_admin_menu($plugin);
?>
    <div class="block">
        <h2><span>Post Author Update - v1.2</span></h2>
        <div class="box">
            <div class="inbox">
                <p>This plugin modifies a post's author.</p>
            </div>
        </div>
    </div>
        
    <div class="blockform">
        <h2 class="block2"><span>Input</span></h2>
        <div class="box">
            <form method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
                <div class="inform">
                    <fieldset>
                        <legend>IDs</legend>
                        <div class="infldset">
                            <table class="aligntop" cellspacing="0">
                                <tr>
                                    <th scope="row">Post ID:</th>
                                    <td><input type="text" name="post_id" size="16" tabindex="1" /></td>
                                </tr>
                                <tr>
                                    <th scope="row">User:</th>
                                    <td>
                                        <?php
                                        
                                        echo '<select name="user_id" tabindex="2">'."\n";
                                        
                                        $result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE id > 1 ORDER BY username ASC') or error('Unable to get user list', __FILE__, __LINE__, $db->error());

                                        while ($cur_user = $db->fetch_assoc($result))
                                            echo "\t\t\t\t\t\t\t\t\t\t".'<option value="'.$cur_user['id'].'">'.pun_htmlspecialchars($cur_user['username']).'</option>'."\n";
                                        ?>
                                    </select>
                                    </td>    
                                </tr>
                            </table>
                        </div>
                    </fieldset>
                </div>
            <p class="submitend"><input type="submit" name="update" value="Update" tabindex="3" /></p>
            </form>
        </div>
    </div>
<?php
}
?>

13 Reply by guardian34 (edited by guardian34 2006-11-19 17:07)

  • Registered: 2006-06-05
  • Posts: 410

Re: AP_Post_Author_Update

Version 2 is now on the downloads page as AP_Author_Update.

Edit: New thread