Please login or register.

Login with username, password and session length
Advanced search  

Author Topic: [ADDON] guestbook  (Read 8590 times)

Patrik

  • Jr. Member
  • **
  • Karma: 0
  • Posts: 89
    • http://pawe.se/
[ADDON] guestbook
« on: September 17, 2006, 12:00:19 pm »

I'm working on a guestbook (maby the most unnecessary addon :)) and the guestbook gets the settings (database, language, pagination and more) from the snewsfile. And that exactly how I want it.

But when I started to work on a little adminthing, like that the logged in user could delete posts, that was when I ran into some "problems". Then, first I put the delete function into my guestbook file but when I link to that function it goes to guestbook.php but then the guestbook.php is'nt included into the page with [include] the database settings is'nt there. So that means that I must put the delete function into the snews file. And I don't want that :)

So one solution is to have the database settings and connetction in a sepparate file and then include it in both snews.php and guestbook.php but then snews woud'nt be a singlefile cms :(

Another solution could be to put the settings in both snews.php and guestbook.php but that I don't want to. The user then must put in the settings twince.

But is there a solution that I hav'nt thought of?

I want the addons to be (as much as possible) like, just upload the addon and include it into snews. Then it should work.

Here's a link to my guestbook:
http://pawe.se/blog/gastbok/

I can give you the guestbook file later today but I have one thing to do first. And now I must go and vote in the swedish selection :)
Logged
Visit me: http://pawe.se/

Mika

  • Hero Member
  • *****
  • Karma: 9
  • Posts: 1377
    • http://www.ni5ni6.com/
[ADDON] guestbook
« Reply #1 on: September 17, 2006, 12:25:40 pm »

election day today? nice - give my vote to pat, will you?
Logged
http://www.ni5ni6.com/ - Tutorials, Mods and How-To's about sNews CMS
sNews 1.6 Developers Edition - commented sNews 1.6 version

Patrik

  • Jr. Member
  • **
  • Karma: 0
  • Posts: 89
    • http://pawe.se/
[ADDON] guestbook
« Reply #2 on: September 17, 2006, 02:17:21 pm »

Mika: DONE ;)

Here's the guestbook as it is today. I'm a phpnoobie so I take all help I can get.. ;)

You can download it on this page:
http://pawe.se/blog/snews/

I need someone who can be kind and test it fore me? I need to find all the bugs :D

Cheers :)
Logged
Visit me: http://pawe.se/

Fred K

  • Still trying to learn stuff
  • ULTIMATE member
  • ******
  • Karma: 130
  • Posts: 2728
    • Personal
[ADDON] guestbook
« Reply #3 on: September 17, 2006, 05:43:55 pm »

Patrik, this may seem stupid but it's just a thought: why not just create a category called Gästbok, write the welcome post and then let people use the comment feature to add to the guestbook? You've probably already thought of that, but I figured I'd ask anyway. It's how I would do it if I wanted a guestbook.
(Sorry, but that's the only solution I have to offer...)

Mika: After too many years with Humpty-Dumpty as PM, the prospect of having a PM that does the helicopter when cleaning house seems ... hm, wait a minute. Actually it's not a bad idea! If nothing, it would at least bring humour back into politics! Patric for Pres!! :lol:
Logged

Patrik

  • Jr. Member
  • **
  • Karma: 0
  • Posts: 89
    • http://pawe.se/
[ADDON] guestbook
« Reply #4 on: September 17, 2006, 06:23:44 pm »

Well, as I said, "maby the most unnecessary addon"...hehe...

I went for this guestbook for three reasons.

1. It's fun too learn php and why not begin with something easy that you may finalize :)
2. I've get too learn how to do addons for sNews the best way. How to really integrate it into sNews.
3. I like the comments to sort by ASC with the oldest on the top. But in a guestbook I want the opposite order.. :)

And I really want to get better on PHP so I can contribute to the sNews team in some way other than just using there product.. :)
Logged
Visit me: http://pawe.se/

Mika

  • Hero Member
  • *****
  • Karma: 9
  • Posts: 1377
    • http://www.ni5ni6.com/
[ADDON] guestbook
« Reply #5 on: September 17, 2006, 07:44:30 pm »

here's a couple of thoughts:
- the smallest part of your app is actually a guestbook routine, and the rest is bbcode parser -> why use complicated bbcode (initializing, recognizing, checking, converting to html) when you can implement limited usage of html (see Luka's JS solution)?
- all PHP Superglobals must be cleaned and sanitized before any sql call
Quote
//example
function clean() {
# cleaning routine goes here
}

# this is proper sanitation and usage of superglobals
$id = clean($_GET['some_id']);
sql = "SELECT * FROM guestbook WHERE id = $id";
# this screams "hack me!! I'm wide open!!"
sql = "SELECT * FROM guestbook WHERE id = $_GET['some_id']";
- if this is your first functional app created from scratch, you should be proud of it. and you're right - it doesn't matter whether your gastbok is useful or not, as long as you're having fun coding it :)
Logged
http://www.ni5ni6.com/ - Tutorials, Mods and How-To's about sNews CMS
sNews 1.6 Developers Edition - commented sNews 1.6 version

Patrik

  • Jr. Member
  • **
  • Karma: 0
  • Posts: 89
    • http://pawe.se/
[ADDON] guestbook
« Reply #6 on: September 17, 2006, 09:30:56 pm »

Whoppa! Thanks Mika! This is exactly what I need :) Its pretty much my first real app created from scratch so this with security is absolutely something I must learn :D

Gona look at Luka's JS solution becase as you say, my guestbook IS pretty much just the parsercode :) Limited usage of html seems to the thing :D

Hopefully the next version will be smaller and more secure.. :D

Thanks again Mika!
Logged
Visit me: http://pawe.se/

Patrik

  • Jr. Member
  • **
  • Karma: 0
  • Posts: 89
    • http://pawe.se/
[ADDON] guestbook
« Reply #7 on: September 19, 2006, 04:04:05 pm »

Today I had some time to play with my guestbook again.

I tried to look at your codeexample Mika but I don't really get it (yet) how I should do my code not to scream hack me... :D If you can explain again I maby can get it :) Or if you have some nice page where I can read about it :) I'am gona use google later ;)

However, I've taken away the BBCode and instead I use Luka's limited html code. Works great :) The file become smaller and hopefully a bit easier to understand :) Thanks for the help!

As usual, (if someone wants it)...
Download: Click here.
Demo: Click here.
Logged
Visit me: http://pawe.se/