#!/bin/sh
+# XXX do we even need this?
+# configure_image_new could resize image itself
+
# Script na upravu uploadnutych obrazkov k nodes (backend k eventu configure_image_new #2105641)
# Spustane z CRONu cca raz za 2 - 5 minut
<?php
/*
* Script that register new users who gaind enough K (votes)
- * Called XXX
+ * Called once a day at 0:42
+ *
+ * TODO: ? call only function from eventz ?
*/
mail($mail,"kyberia gate is opened","Vitaj v kyberii");
//VHODNE POSLAT ZACIATOCNIKOVI POSTU
-// ubik::ubikMail($params);
+ ubik::ubikMail($params);
}
?>
</tr>
{*/if*}
<tr>
-<!--XXX test oflogarithmic threading (original (x-y)-8 )-->
+<!--XXX test oflogarithmic threading (original (x-y)-8 ) XXX TODO fit to resolutions-->
<td width='{math equation="5*log((x-y))-8" x=$child.depth y=$node.vector_depth}%'></td>
<td valign='top' rowspan='2'>
{* put.Ty hack *}
- User mail is not working
+ (mail seems to be stored in db,
+ error is probably somewhere in template
+ 1549888.tpl, 1549887.tpl or 25.tpl )
+ Anyway move whole mail handling out of nodes.php (?)
- Registration process is not working
- (rewrite sending of reg. mails)
+ (rewrite sending of reg. mails) (TEST)
- SQL injections (many fixed, but some should be still there)
-- remove absolute paths from all source files (!) (over 50)
+- remove absolute paths from all source files (!)
+
+- User images (icons) seems to be broken somehow
- remove hard-coded hostname from:
( registration mails )
( scripts in "scripts" directory (system paths))
+
- Fix https vs http problem (url)
- Suspected security holes:
( ./inc/eventz/spamuj_ubik.inc )
( ./inc/eventz/upload_own_template.inc ) (is even needed?)
-- Remove eventz (and files) that are not used (verify this before removing)
- ( ./inc/eventz/login_lockout_test.inc )
- ( ./inc/eventz/add_test.inc )
- ( ./inc/eventz/add_ubik_friend.inc )
- ( ./inc/eventz/cron_test.inc )
- ( ./inc/eventz/login_test.inc )
- ( ./inc/eventz/mail_test.inc )
- ( ./inc/eventz/test_button.inc )
- ( ./inc/eventz/testing_cron.inc )
- ( ./inc/eventz/testm.inc )
- ( ./inc/eventz/send-old.inc )
- ( ./inc/eventz/destroy_synapse2.inc )
- ( ./inc/eventz/login2.inc )
- ( ./inc/eventz/send2.inc )
- ( ./inc/eventz/set_parent2.inc )
-
- Remove/fix not working eventz
( ./inc/eventz/addClass.inc )
( ./inc/eventz/addEvent.inc )
- keep fixing XSS
-- documentation/installation guide (see README)
+- Test & scale logarithmic threading
+
+- some templates are fixed only in .tpl, not in sql database
+ => synchronize .tpl vs SQL templates (permanently)
- Clean code => fix uninitialized variables
-- Implement URL handling using PATH_INFO instead of mod_rewrite
+- documentation/installation guide (see README)
-- some templates are fixed only in .tpl, not in sql database
+- Implement URL handling using PATH_INFO instead of mod_rewrite
- (IMHO we should use SHA1 or stronger algorithm instead of MD5 for storing passwords)
(We can use multiple hash algorithms (so we'll have backward DB compatibility):
<?
+
+global $node,$db,$error;
// All mysql code should go here
+// Split into multiple files if needed
+
+
+// Called for every node view. Updates node views, neurons,
+function update_nodes(user_id,node_id,referer_id) {
+
+ $db->update("update nodes set node_views=node_views+1 where".
+ "node_id='".$node_id."'");
+ if (is_numeric($referer_id) && ($referer_id)) {
+ $q="update neurons set synapse=synapse+1 where ".
+ "dst='".$node_id."' and src='$referer_id'";
+ $result=$db->update($q);
+ if (!$result) {
+ $q="insert into neurons set synapse_creator='".
+ $user_id."',dst='".$node_id.
+ "',src='$referer_id',synapse=1";
+ $db->query($q);
+ }
+ }
+
+ // LEVENSHTEIN
+
+ // these 4 lines are not the source of kyberia lagging problems.
+ // leave them. started on the 10.4.
+ // data gained will be used for scientific purposes
+ if ($user_id) {
+ $q="insert delayed into levenshtein set user_id='".
+ $user_id."',node_id='".$node_id."'";
+ $db->update($q);
+ }
+}
+
?>
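Review bot: The new update_nodes() will not parse as written, because its parameters are declared as `user_id,node_id,referer_id` without the `$` sigil, so any include of this file is fatal. Inside the body `$db` is also undefined, since the file-level `global $node,$db,$error;` does not carry into function scope and the function needs its own `global $db;`. The first query concatenates `where` directly onto `node_id=`, which yields `wherenode_id='…'`. All three ids are interpolated into SQL strings and only `$referer_id` is checked with is_numeric(), so `$user_id` and `$node_id` should be cast to integers before use. The fence shows the rewritten opening; the neurons and levenshtein statements can stay as they are.
```php
function update_nodes($user_id, $node_id, $referer_id) {
    global $db; // a file-level `global` statement does not reach function scope

    // These ids are interpolated into the SQL below; force them to integers first.
    $user_id = (int) $user_id;
    $node_id = (int) $node_id;

    $db->update("update nodes set node_views=node_views+1 where ".
        "node_id='".$node_id."'");
    // … unchanged: is_numeric($referer_id) branch with the neurons update/insert …
    // … unchanged: levenshtein insert guarded by $user_id …
```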
// Default kyberia configuration file.
// This runs kyberia on localhost with single database.
+define('DB_TYPE', 'mysql'); // mysql of psql so far.
define('DB_HOST', 'localhost');
define('DB_USER', 'kyberia');
define('DB_PASS', 'levenshtein');
define('EVENT_DIR', INCLUDE_DIR . 'eventz/');
define('SYSTEM_URL', 'kyberia.cz:8023');
+define('SYSTEM_SMTP', 'molly.kyberia.cz');
+define('SYSTEM_EMAIL', 'admin@kyberia.cz');
+define('SYSTEM_EMAIL_NAME', 'Ubik osobne');
+
+
define('UBIK_ID', '332');
define('DEFAULT_LISTING_AMOUNT','32');
define('DEFAULT_LISTING_ORDER', 'desc');
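Review bot: The added SYSTEM_SMTP, SYSTEM_EMAIL and SYSTEM_EMAIL_NAME defines put a site-specific mail host and admin mailbox into a file whose header describes it as the default localhost configuration, alongside the DB_PASS literal already committed there. Consider shipping neutral placeholders here (for example `define('SYSTEM_SMTP', 'localhost');`) and keeping real host names and credentials in an untracked local override, which also fits the TODO item about removing hard-coded hostnames. The DB_TYPE comment has a typo; `// 'mysql' or 'psql' so far` reads as intended.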
+<?
+// XXX not used at all. Registration is performed from cron
function register_users() {
global $permissions,$node,$db,$error;
$user_id=$_SESSION['user_id'];
$hello="ahoj, tymto ta vitam v systeme ".SYSTEM_URL.". do systemu ta zaregistrovala moja malickost. v pripade ze budes mat akykolvek problem, kontaktuj ma prosim cez postunnako prve by si mal navstivit forum Zaciname s kyberiou\n\ntoto je automaticky vygenerovana sprava";
require(INCLUDE_DIR."phpmailer.inc");
$mail = new PHPMailer();
-$mail->IsSMTP(); // send via SMTP
+$mail->IsSMTP(); // send via SMTP // XXX use constants from config file
$mail->Host = "molly.kyberia.cz"; // SMTP servers
$mail->From = "root@kyberia.cz";
$mail->FromName = "kyberia.cz admin";
if (!$permissions['w']) {
-$error="you don't have permissions for performing this event";
-return false;
+ $error="you don't have permissions for performing this event";
+ return false;
}
-foreach ($_POST['waiting'] as $user =>$value) {
-$set=$db->query("select email,login,node_creator from users left join nodes on nodes.node_id=users.user_id where user_id='$user'");
-$set->next();
-$email=$set->getString('email');
-$login=$set->getString('login');
+foreach ($_POST['waiting'] as $user =>$value) { //XXX SQLi
+ $set=$db->query("select email,login,node_creator from users".
+ "left join nodes on nodes.node_id=users.user_id".
+ "where user_id='$user'");
+ $set->next();
+ $email=$set->getString('email');
+ $login=$set->getString('login');
-$application_id=$set->getString('node_creator');
+ $application_id=$set->getString('node_creator');
-$params['node_creator']=$user_id;
-$params['node_parent']=$application_id;
-$params['node_name']="$login registered";
-$params['node_content']="user $login successfully registered by $user_name";
-nodes::addNode($params);
-
-$db->query("update nodes set node_creator=node_id where node_id='$user'");
-$db->query("insert into mail set mail_user='$user',mail_to='$user',mail_from='$user_id',mail_text='$hello'");
-$db->query("insert into mail set mail_user='$user_id',mail_to='$user',mail_from='$user_id',mail_text='$hello'");
-$db->query("update users set user_mail='1',user_mail_name='$user_name' where user_id='$user'");
-$mail->ClearAddresses();
-$mail->AddAddress($email); // optional name
-$mail->AltBody = "bol si uspesne zaregistrovany do komunity ".SYSTEM_URL." s loginom $login . njoy";
-if(!$mail->Send())
-{
-$error="could not sent mail";
-return false;
-}
+ $params['node_creator']=$user_id;
+ $params['node_parent']=$application_id;
+ $params['node_name']="$login registered";
+ $params['node_content']="user $login successfully registered by $user_name";
+ nodes::addNode($params);
+ $db->query("update nodes set node_creator=node_id where node_id='$user'");
+ $db->query("insert into mail set mail_user='$user',mail_to='$user',mail_from='$user_id',mail_text='$hello'");
+ $db->query("insert into mail set mail_user='$user_id',mail_to='$user',mail_from='$user_id',mail_text='$hello'");
+ $db->query("update users set user_mail='1',user_mail_name='$user_name' where user_id='$user'");
+ $mail->ClearAddresses();
+ $mail->AddAddress($email); // optional name
+ $mail->AltBody = "bol si uspesne zaregistrovany do komunity "
+ .SYSTEM_URL." s loginom $login . njoy";
+ if(!$mail->Send()){
+ $error="could not sent mail";
+ return false;
+ }
}
return true;
}
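Review bot: The reformatted select in the `foreach ($_POST['waiting'] …)` loop is now broken, because the three string fragments are joined without separating whitespace and the statement becomes `… from usersleft join … users.user_idwhere user_id='…'`; end the first two fragments with a space. The commit marks the loop `//XXX SQLi` but still interpolates the posted array key `$user` into five statements, so a guard at the top of the loop such as `if (!ctype_digit((string)$user)) continue;` would close that until the queries are parameterised. `$user_name` is used in the node content and in the users update but is not assigned anywhere in the visible body, so confirm where it is meant to come from. The new `// XXX use constants from config file` comment could be resolved in this same change by using the SYSTEM_SMTP and SYSTEM_EMAIL constants the commit adds to the config.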
<?php
+
+// XXX is this even used?
+
function registruj_novych() {
global $db,$error;
-// 2110364 >> debug user
-$q="select users.login as persona,users.email as email,k,node_id,node_creator,login from nodes
-left join users on nodes.node_creator=users.user_id where node_name='request for access' and node_parent=2091448 and
-k>=5";
+// XXX parametrize
-/*
$q="select users.login as persona,users.email as email,k,node_id,node_creator,login from nodes
-left join users on nodes.node_creator=users.user_id where node_name!='request for access' and node_parent=2091448 and
-k>=3 and user_id=2110364";
-*/
+left join users on nodes.node_creator=users.user_id where
+node_name='request for access' and node_parent=2091448 and k>=5";
$set=$db->query($q);
while ($set->next()) {
if (!empty($_GET['template_id'])) {
$template_id=$_GET['template_id'];
+} else {
+ $template_id=false;
}
-else $template_id=false;
//initializing node methods
if (!empty($_GET['node_name'])) {
$node = nodes::redirByName($_GET['node_name']);
-}
-elseif (!empty($_GET['node_id'])) {
- $node = nodes::getNodeById($_GET['node_id'],(isset($_SESSION['user_id']))?$_SESSION['user_id']:'');
+} elseif (!empty($_GET['node_id'])) {
+ $node = nodes::getNodeById($_GET['node_id'],
+ (isset($_SESSION['user_id']))?$_SESSION['user_id']:'');
}
//XXX Paths are wrong (!)
}
// mail rss
-if ($template_id=='rss')
+if ($template_id=='rss') //XXX WHAT?
{
$_feedType = "RSS0.91";
if (!is_numeric($_SESSION['user_id']))
$rss->description = "";
$rss->link = "https://". SYSTEM_URL . "/id/24";
+ //XXX into function
$query = "select date_format(mail.mail_timestamp,\"%e.%c. %k:%i:%s\") as cas,
userfrom.user_action as locationfrom_action,
userfrom.user_action_id as locationfrom_action_id,
$rss = new UniversalFeedCreator();
$rss->title = "Kyberia bookmarks";
- $rss->link = "http://".SYSTEM_URL."/id/19";
+ $rss->link = "http://".SYSTEM_URL."/id/19"; //XXX https ?
require_once(SMARTY_PLUGIN_DIR.'/function.get_bookmarks.php');
smarty_function_get_bookmarks(array(), $smarty);
//sventest
if (($permissions['r']) || ($event != 'register')) {
-//performing node_events (based on update/insert/delete db queries)
-if ($event) {
- require(INCLUDE_DIR.'eventz.inc');
-}
+ //performing node_events (based on update/insert/delete db queries)
+ if ($event) {
+ require(INCLUDE_DIR.'eventz.inc');
+ }
-elseif ($transaction) {
- require(INCLUDE_DIR.'transaction.inc');
-}
-//end of performing node events
+ elseif ($transaction) {
+ require(INCLUDE_DIR.'transaction.inc');
+ }
+ //end of performing node events
-//sventest
+ //sventest
}
if ($permissions['r']) {
-//these 4 lines are not the source of kyberia lagging problems. leave them. started on the 10.4. data gained will be used for scientific purposes
+// these 4 lines are not the source of kyberia lagging problems.
+// leave them. started on the 10.4.
+// data gained will be used for scientific purposes
+
+// if (isset($_SESSION['user_id']) {
+// log_levenshtein($_SESSION['user_id'],$node['node_id']);
+// }
+
if ((isset($_SESSION['user_id'])) && ($_SESSION['user_id'])) {
$q="insert delayed into levenshtein set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."'";
$db->update($q);
}
//if node is css
+//XXX into function
if ($node['template_id']!='2019721'){
logger::log('enter',$node['node_id'],'ok',$node['node_user_subchild_count']);
if (!$result) {
$q="insert into node_access set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."',last_visit=NOW()";
$db->query($q);
- }
-}//end of if node os css
+ }
+ }//end of if node os css
}
+}
+
+//XXX into function
+// if (isset($_SESSION['user_id']) {
+// if (isset($referer_id)) {
+// update_nodes($_SESSION['user_id'],$node['node_id'],$referer_id);
+// } else {
+// update_nodes($_SESSION['user_id'],$node['node_id'],0);
+// }
+// }
- }
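Review bot: Both commented-out stubs added here open with `// if (isset($_SESSION['user_id']) {`, which is missing a closing parenthesis and will not parse once uncommented; it should read `if (isset($_SESSION['user_id'])) {`. The second stub calls update_nodes(), which itself increments node_views and inserts into levenshtein, while the inline levenshtein insert kept above and the node_views update that appears to follow this hunk do the same work, so enabling the call without removing those would presumably record each view twice. log_levenshtein() is not defined in any hunk shown here. The enclosing `if ($permissions['r'])` block starts and ends outside the visible lines.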
// DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
//creating neural network
$db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
if ( preg_match("/(\d+)-(.+)/",$_GET['magic_word'],$mu)) {
$magic_uid=$mu['1'];
$magic_word=addslashes($mu['2']);
+ // XXX WTF column magic_word does not exists
$q="select login from users where user_id='$magic_uid' and magic_word='$magic_word'";
$set=$db->query($q);
if ($set->getNumRows()) {
$smarty->assign('friends',$_SESSION['friends']); //req by freezy, done by darkaural
$smarty->assign('user_quota',$_SESSION['user_quota']);
+ // XXX into function
$newmail_q = sprintf('select u.user_mail_id
, u.user_k
, u.k_wallet
$user_id);
$newmailset = $db->query($newmail_q);
-//$newmailset=$db->query("select user_mail,user_mail_name,user_k,k_wallet from users where user_id='$user_id'");
$newmailset->next();
$new_mail=$newmailset->getString('user_mail');
+ // XXX into function
$newmailset2 = $db->query("select users.user_mail_id,mailsender.login
from users left join users as mailsender on users.user_mail_id = mailsender.user_id where users.user_id = '$user_id'");
$newmailset2->next();
if ($node['node_name']=='mail') {
//clear new mail message
+
if ($new_mail) $db->query("update users set user_mail=0 where user_id='$user_id'");
//set messages as delivered to recipient
}
+// XXX into function
if (($node['template_id']!='2019721') && (isset($_SESSION['user_id']))){
//setting user location
$q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'";