version 0.3.13
[fms.git] / src / http / pages / boardspage.cpp
index 4adab89..e9cc2a3 100644 (file)
@@ -1,6 +1,8 @@
 #include "../../../include/http/pages/boardspage.h"\r
 #include "../../../include/stringfunctions.h"\r
-#include "../../../include/datetime.h"\r
+\r
+#include <Poco/DateTime.h>\r
+#include <Poco/DateTimeFormatter.h>\r
 \r
 #ifdef XMEM\r
        #include <xmem.h>\r
@@ -41,12 +43,11 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
        std::string startrowstr="0";\r
        std::string boardsearch="";\r
        std::string sql="";\r
-       DateTime now;\r
-       now.SetToGMTime();\r
+       Poco::DateTime now;\r
 \r
        if(queryvars.find("formaction")!=queryvars.end())\r
        {\r
-               if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end())\r
+               if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end() && ValidateFormPassword(queryvars))\r
                {\r
                        std::string boardname="";\r
                        std::string boarddescription="";\r
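Review bot: The form-password check is repeated inside each action condition (`addboard` here, `remove0messages` and `update` in the next hunk), so a later action added under `if(queryvars.find("formaction")!=queryvars.end())` stays unprotected unless its author remembers the extra clause. Validating once at the top of that block, for example `const bool formok=ValidateFormPassword(queryvars);` and testing `formok` in each branch, makes the check fail closed. A rejected submission is also dropped with no feedback, so a log line or a short message in the page would help distinguish an expired token from a forged request. GeneratePage starts and ends outside this hunk.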
@@ -58,15 +59,15 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
                        SQLite3DB::Statement addst=m_db->Prepare("INSERT INTO tblBoard(BoardName,BoardDescription,DateAdded,AddedMethod) VALUES(?,?,?,?);");\r
                        addst.Bind(0,boardname);\r
                        addst.Bind(1,boarddescription);\r
-                       addst.Bind(2,now.Format("%Y-%m-%d %H:%M:%S"));\r
+                       addst.Bind(2,Poco::DateTimeFormatter::format(now,"%Y-%m-%d %H:%M:%S"));\r
                        addst.Bind(3,"Added manually");\r
                        addst.Step();\r
                }\r
-               if((*queryvars.find("formaction")).second=="remove0messages")\r
+               if((*queryvars.find("formaction")).second=="remove0messages" && ValidateFormPassword(queryvars))\r
                {\r
                        m_db->Execute("DELETE FROM tblBoard WHERE BoardID IN (SELECT BoardID FROM vwBoardStats WHERE MessageCount=0 AND BoardID NOT IN (SELECT BoardID FROM tblAdministrationBoard));");\r
                }\r
-               if((*queryvars.find("formaction")).second=="update")\r
+               if((*queryvars.find("formaction")).second=="update" && ValidateFormPassword(queryvars))\r
                {\r
                        int boardid;\r
                        std::vector<std::string> boardids;\r
@@ -173,21 +174,21 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
 \r
        content+="<tr>";\r
        content+="<td colspan=\"3\"><center>";\r
-       content+="<form name=\"frmboardsearch\" action=\"boards.htm\" method=\"POST\"><input type=\"text\" name=\"boardsearch\" value=\""+SanitizeOutput(boardsearch)+"\"><input type=\"submit\" value=\"Search\"></form>";\r
+       content+="<form name=\"frmboardsearch\" action=\"boards.htm\" method=\"POST\"><input type=\"text\" name=\"boardsearch\" value=\""+SanitizeOutput(boardsearch)+"\">"+CreateFormPassword()+"<input type=\"submit\" value=\"Search\"></form>";\r
        content+="</center></td>";\r
        content+="</tr>";\r
 \r
        content+="<tr>";\r
        content+="<td colspan=\"3\"><center>";\r
-       content+="<form name=\"frmremoveboard\" action=\"boards.htm\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"remove0messages\">Remove boards with 0 messages<input type=\"submit\" value=\"Remove\"></form>";\r
+       content+="<form name=\"frmremoveboard\" action=\"boards.htm\" method=\"POST\">"+CreateFormPassword()+"<input type=\"hidden\" name=\"formaction\" value=\"remove0messages\">Remove boards with 0 messages<input type=\"submit\" value=\"Remove\"></form>";\r
        content+="</center></td>";\r
        content+="</tr>";\r
 \r
        content+="<tr>";\r
-       content+="<td><form name=\"frmaddboard\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"addboard\"><input type=\"text\" name=\"boardname\"></td><td><input type=\"text\" name=\"boarddescription\" size=\"40\" maxlength=\"50\"></td><td><input type=\"submit\" value=\"Add Board\"></form></td>";\r
+       content+="<td><form name=\"frmaddboard\" method=\"POST\">"+CreateFormPassword()+"<input type=\"hidden\" name=\"formaction\" value=\"addboard\"><input type=\"text\" name=\"boardname\"></td><td><input type=\"text\" name=\"boarddescription\" size=\"40\" maxlength=\"50\"></td><td><input type=\"submit\" value=\"Add Board\"></form></td>";\r
        content+="</tr>";\r
 \r
-       content+="<tr><td colspan=\"4\"><hr><form name=\"frmboards\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"update\"></td></tr>";\r
+       content+="<tr><td colspan=\"4\"><hr><form name=\"frmboards\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"update\">"+CreateFormPassword()+"</td></tr>";\r
        content+="<tr>";\r
        content+="<th>Name</th><th>Description</th><th>Save Received Messages *</th><th>Added Method</th>";\r
        content+="</tr>";       \r
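Review bot: `frmboardsearch` now embeds `CreateFormPassword()`, but the search form sends no `formaction`, and the visible handlers validate the token only for `addboard`, `remove0messages` and `update`. The search token therefore appears never to be checked. Either drop it from the search form or add a comment such as `// search is read-only; token included only for uniformity`. If each CreateFormPassword() call stores a fresh token server-side (not visible here), this page creates four per render, so it is worth confirming that unused tokens expire.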
@@ -257,10 +258,10 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std:
        content+="</tr>";\r
        content+="</table>";\r
        content+="<p class=\"paragraph\">";\r
-       content+="* If you uncheck this box, any new messages you download that are posted to this board will be discarded.";\r
+       content+="* If you uncheck this box, any new messages you download that are posted to this board will be discarded.  When multiple local identities are used, it is best not to discard messages from any boards, as identifying which identities are the same person is much easier when their message lists are missing messages from the same boards.";\r
        content+="</p>";\r
 \r
-       return "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"+StringFunctions::Replace(m_template,"[CONTENT]",content);\r
+       return StringFunctions::Replace(m_template,"[CONTENT]",content);\r
 }\r
 \r
 const bool BoardsPage::WillHandleURI(const std::string &uri)\r
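Review bot: The contract change at the `return` is undocumented: it no longer prepends the `HTTP/1.1 200 OK` status line and `Content-Type: text/html` header, so GeneratePage now returns only the HTML body. A comment above the return would record this, for example `// returns the page body only; the caller is responsible for the status line and Content-Type`. The caller is not visible in this diff, so it should be confirmed that it sets `text/html` explicitly rather than leaving the browser to guess the type. GeneratePage starts outside this hunk.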