#include "../../../include/http/pages/controlboardpage.h"\r
#include "../../../include/stringfunctions.h"\r
-#include "../../../include/datetime.h"\r
+\r
+#include <Poco/DateTime.h>\r
+#include <Poco/DateTimeFormatter.h>\r
\r
#ifdef XMEM\r
#include <xmem.h>\r
\r
if(queryvars.find("formaction")!=queryvars.end())\r
{\r
- if((*queryvars.find("formaction")).second=="remove" && queryvars.find("boardid")!=queryvars.end())\r
+ if((*queryvars.find("formaction")).second=="remove" && queryvars.find("boardid")!=queryvars.end() && ValidateFormPassword(queryvars))\r
{\r
int boardid=0;\r
StringFunctions::Convert((*queryvars.find("boardid")).second,boardid);\r
st.Bind(0,boardid);\r
st.Step();\r
\r
- st=m_db->Prepare("DELETE FROM tblMessage WHERE MessageUUID IN (SELECT MessageUUID FROM tblMessage INNER JOIN tblMessageBoard ON tblMessage.MessageID=tblMessageBoard.MessageID WHERE BoardID=?);");\r
+ st=m_db->Prepare("DELETE FROM tblMessage WHERE MessageUUID IN (SELECT MessageUUID FROM tblMessage INNER JOIN tblMessageBoard ON tblMessage.MessageID=tblMessageBoard.MessageID WHERE BoardID=? AND MessageUUID IS NOT NULL);");\r
st.Bind(0,boardid);\r
st.Step();\r
\r
st.Step();\r
\r
}\r
- if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && (*queryvars.find("boardname")).second!="")\r
+ if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && (*queryvars.find("boardname")).second!="" && ValidateFormPassword(queryvars))\r
{\r
- DateTime date;\r
- date.SetToGMTime();\r
+ Poco::DateTime date;\r
st=m_db->Prepare("INSERT INTO tblBoard(BoardName,DateAdded) VALUES(?,?);");\r
st.Bind(0,(*queryvars.find("boardname")).second);\r
- st.Bind(1,date.Format("%Y-%m-%d %H:%M:%S"));\r
+ st.Bind(1,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));\r
if(st.Step(true))\r
{\r
boardid=st.GetLastInsertRowID();\r
\r
content+="<h2>Control Boards</h2>";\r
content+="<p class=\"paragraph\">";\r
- content+="These boards are special administration boards where sent messages will change the trust levels of the parent poster. These boards can not be used as regular boards, so make the name unique. The change in trust levels can be negative or positive, but keep in mind that the minimum trust level is 0 and the maximum trust level is 100. After the boards are created here, you may use your newreader to reply to a message to one or more of these boards, and the previous poster will have his trust levels changed as per the settings for that board.";\r
+ content+="These boards are special administration boards where sent messages will change the trust levels of the parent poster by ADDING these numbers to their current trust level. These boards can not be used as regular boards, so make the name unique. The change in trust levels can be negative or positive, but keep in mind that the minimum trust level is 0 and the maximum trust level is 100. After the boards are created here, you may use your newreader to reply to a message to one or more of these boards, and the previous poster will have his trust levels changed as per the settings for that board.";\r
content+="</p>";\r
\r
st=m_db->Prepare("SELECT tblBoard.BoardID,BoardName,ModifyLocalMessageTrust,ModifyLocalTrustListTrust FROM tblBoard INNER JOIN tblAdministrationBoard ON tblBoard.BoardID=tblAdministrationBoard.BoardID ORDER BY BoardName COLLATE NOCASE;");\r
content+="<td>"+changetrustlisttruststr+"</td>\r\n";\r
content+="<td>";\r
content+="<form name=\"frmremove\" method=\"POST\">";\r
+ content+=CreateFormPassword();\r
content+="<input type=\"hidden\" name=\"formaction\" value=\"remove\">";\r
content+="<input type=\"hidden\" name=\"boardid\" value=\""+boardidstr+"\">";\r
content+="<input type=\"submit\" value=\"Remove\">";\r
content+="<tr>";\r
content+="<td>";\r
content+="<form name=\"frmaddboard\" method=\"POST\">";\r
+ content+=CreateFormPassword();\r
content+="<input type=\"hidden\" name=\"formaction\" value=\"addboard\">";\r
content+="<input type=\"text\" name=\"boardname\">";\r
content+="</td>\r\n<td>";\r
- content+="<input type=\"text\" name=\"changemessagetrust\" size=\"2\" maxlength=\"3\">";\r
+ content+="<input type=\"text\" name=\"changemessagetrust\" size=\"2\" maxlength=\"4\">";\r
content+="</td>\r\n<td>";\r
- content+="<input type=\"text\" name=\"changetrustlisttrust\" size=\"2\" maxlength=\"3\">";\r
+ content+="<input type=\"text\" name=\"changetrustlisttrust\" size=\"2\" maxlength=\"4\">";\r
content+="</td>\r\n<td>";\r
content+="<input type=\"submit\" value=\"Add\">";\r
content+="</form>";\r
content+="</tr>";\r
content+="</table>";\r
\r
- return "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"+StringFunctions::Replace(m_template,"[CONTENT]",content);\r
+ return StringFunctions::Replace(m_template,"[CONTENT]",content);\r
}\r
\r
const bool ControlBoardPage::WillHandleURI(const std::string &uri)\r
projects / fms.git / blobdiff