"Tofu_Session",
"auth" => "Tofu_Default_Auth",
"perm" => "Tofu_Perm",
"user" => "Tofu_User")
);
/**
 * Output step for edit mode: the main program calls this with the result of
 * load($id) when no update is being submitted.
 *
 * As the body stands it writes two newline characters and never reads $row.
 * NOTE(review): if markup that prints $row fields is added here, encode each
 * value with htmlspecialchars() at the point of output.
 *
 * @param mixed $row Book row as returned by load(), or '' when no id was given.
 */
function edit($row)
{
    print "
\n";
}
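/**
 * Fetch one book row by primary key.
 *
 * $id is interpolated into the SQL text, so it is accepted only when it is a
 * plain run of decimal digits. The previous is_numeric() guard also let
 * through forms such as "1e3", "1.5" and strings with leading whitespace,
 * none of which is a usable book id.
 *
 * @param mixed $id Book id; the main program passes the global $id.
 * @return mixed '' when $id is not a digit string, otherwise whatever
 *               mysql_fetch_array() yields for the run_query() result.
 */
function load($id)
{
    if (!(is_int($id) || is_string($id)) || !preg_match('/\A[0-9]+\z/', (string) $id)) {
        return '';
    }
    // Safe to interpolate: $id is digits only at this point.
    $query ="select
book.id as book_id,
book.name as book_name,
book.subtitle as book_subtitle,
book.asin as book_asin
from
book
where
book.id = $id";
    $res = run_query($query);
    return mysql_fetch_array($res);
}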
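/**
 * List books, either as long entries or as a compact table.
 *
 * Both $id and $sort are placed in the SQL text, and the main program passes
 * them straight from globals it never assigns (presumably request
 * parameters -- confirm). They are therefore validated before use:
 *  - $id must be a plain digit string; any other non-empty value produces no
 *    output and no query.
 *  - $sort must be a comma-separated list of columns from the select list,
 *    each optionally followed by asc/desc; anything else falls back to the
 *    default ordering. A raw ORDER BY fragment would otherwise allow
 *    arbitrary SQL and ordering by columns that are never displayed.
 *
 * @param mixed $view 'long' for longView(), anything else for compactView().
 * @param mixed $id   Optional book id restricting the list to one book.
 * @param mixed $sort Optional sort specification, e.g. "name desc".
 */
function view($view, $id, $sort)
{
    global $db_tofu;

    if ($id && !((is_int($id) || is_string($id)) && preg_match('/\A[0-9]+\z/', (string) $id))) {
        return;
    }

    // Columns and aliases that appear in the select list below.
    $sortable = array(
        'id', 'name', 'subtitle', 'asin', 'contributor_id',
        'date_updated', 'date_added', 'contributor_login',
        'book.id', 'book.name', 'book.subtitle', 'book.asin',
        'book.contributor_id', 'book.date_updated', 'book.date_added',
        'user.login',
    );
    $order_by = '';
    if ($sort && is_string($sort)) {
        $terms = array();
        foreach (explode(',', $sort) as $term) {
            $m = array();
            if (!preg_match('/\A\s*([A-Za-z_.]+)(?:\s+(asc|desc))?\s*\z/i', $term, $m)
                || !in_array(strtolower($m[1]), $sortable, true)) {
                // One bad term discards the whole specification.
                $terms = array();
                break;
            }
            $direction = (isset($m[2]) && $m[2] !== '') ? ' ' . strtolower($m[2]) : '';
            $terms[] = strtolower($m[1]) . $direction;
        }
        $order_by = implode(', ', $terms);
    }

    $query = "select book.id,
DATE_FORMAT( book.date_updated, '%M %D, %Y') as date_updated,
DATE_FORMAT( book.date_added, '%M %D, %Y') as date_added,
book.name,
book.subtitle,
book.asin,
book.contributor_id,
user.login as contributor_login
from
book, user
where
book.contributor_id = user.id
";
    if ($id) {
        $query .= "\n and book.id = $id ";
    }
    if ($order_by !== '') {
        $query .= "\n order by " . $order_by;
    } else {
        $query .= "\n order by name, subtitle\n";
    }
    // Rows are read back through $db_tofu below, not through the return value.
    run_query($query);
    if ($view == 'long') {
        while ($db_tofu->next_record()) {
            longView($db_tofu->Record);
        }
    } else {
        echo "\n";
        while ($db_tofu->next_record()) {
            compactView($db_tofu->Record);
        }
        echo " |
";
    }
}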
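/**
 * Print the reviews of one book, optionally limited to a single reviewer.
 *
 * Both ids are placed in the SQL text, so each must be a plain digit string;
 * a malformed id produces no output and no query. Every database value is
 * HTML-encoded where it is written, because logins and review text are
 * user-submitted and would otherwise be stored script injection.
 * NOTE(review): if reviews are meant to carry HTML formatting, replace the
 * encoding of $row['review'] with an allow-list sanitiser rather than
 * printing it raw.
 *
 * @param mixed $book_id     Id of the book whose reviews are listed.
 * @param mixed $reviewer_id Optional user id; empty means all reviewers.
 */
function show_reviews($book_id, $reviewer_id)
{
    $digits = '/\A[0-9]+\z/';
    if (!(is_int($book_id) || is_string($book_id)) || !preg_match($digits, (string) $book_id)) {
        return;
    }
    if (!empty($reviewer_id)
        && (!(is_int($reviewer_id) || is_string($reviewer_id)) || !preg_match($digits, (string) $reviewer_id))) {
        return;
    }

    $query = "select
review.id as review_id,
review.rank as review_rank,
DATE_FORMAT( review.date_updated, '%M %D, %Y') as review_date_updated,
review,
review.date_updated,
user.name,
user.id as user_id,
user.login,
user.email
from
review, user
where
review.book_id = $book_id
and
review.user_id = user.id
";
    if (! empty($reviewer_id)) {
        $query .= "and\n review.user_id = " . $reviewer_id;
    }
    $query .= "\norder by review.date_updated desc";
    $res = run_query($query);
    echo "Reviews
\n\n";
    while ($row = mysql_fetch_array($res)) {
        echo "";
        echo htmlspecialchars($row['login'], ENT_QUOTES) . "\n";
        echo htmlspecialchars($row['review_date_updated'], ENT_QUOTES) . "\n";
        if ($row['review_rank'] > 0) {
            echo "(" . htmlspecialchars($row['review_rank'], ENT_QUOTES) . ")";
        }
        // Only affects which links are displayed; the edit action must enforce
        // ownership itself.
        if (($row['user_id'] == $GLOBALS['auth']->auth['tofu_id']) || ($GLOBALS['perm']->have_perm('admin')) ) {
            echo "
";
            echo "
";
            echo " Edit review\n";
        }
        echo "
\n" . htmlspecialchars($row['review'], ENT_QUOTES) . "
\n\n";
    }
    echo "";
    if ($reviewer_id) {
        echo "All reviewers | ";
    }
    echo "Add a review \n";
}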
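/**
 * Average of the positive ranks given to a book.
 *
 * $book_id is interpolated into the SQL text, so it must be a plain digit
 * string; otherwise no query is run. $avg is initialised so the function
 * returns null, rather than an undefined variable, when no row is fetched.
 *
 * @param mixed $book_id Id of the book.
 * @return mixed The avg column of the fetched row, or null when the id is
 *               malformed or no row was fetched.
 */
function avgRank($book_id)
{
    $avg = null;
    if (!(is_int($book_id) || is_string($book_id)) || !preg_match('/\A[0-9]+\z/', (string) $book_id)) {
        return $avg;
    }
    $query = "select count(*) as count, avg(rank) as avg from review where book_id=$book_id and rank > 0";
    $res = run_query($query);
    while ($row = mysql_fetch_array($res)) {
        $avg = $row['avg'];
    }
    return $avg;
}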
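/**
 * Print the long entry for one book row.
 *
 * Every row value is HTML-encoded where it is written: names, subtitles,
 * URLs and logins are user-submitted, so printing them raw is stored script
 * injection. $avg and $no_image are initialised so neither is read while
 * undefined.
 * NOTE(review): assumes these columns hold plain text; verify nothing
 * upstream stores values that are already HTML-encoded.
 *
 * @param array $row Book row with name, subtitle, id, contributor_id,
 *                   contributor_login, date_added, date_updated and an
 *                   optional url key.
 */
function longView($row)
{
    echo "\n\n| ";
    echo "\n " . htmlspecialchars($row['name'], ENT_QUOTES) . " \n";
    // The avgRank() lookup is disabled, so $avg starts at 0 and the loop
    // below writes nothing.
    //$avg = avgRank($row['id']);
    $avg = 0;
    $avg -= .5;
    for ($i = 0; $i < $avg; $i++) {
        echo " ";
    }
    echo " " . htmlspecialchars($row['subtitle'], ENT_QUOTES) . " ";
    // Only affects which links are displayed; the edit action must enforce
    // ownership itself.
    if (($row['contributor_id'] == $GLOBALS['auth']->auth['tofu_id']) || ($GLOBALS['perm']->have_perm('admin')) ) {
        echo "";
        echo " ";
        echo " Edit ";
    }
    echo "See it on Amazon";
    echo "Category \n";
    echo " \n";
    if (! empty($row['url'])) {
        echo "URL: ";
        // NOTE(review): encoding covers the text only. If this value is also
        // used as a link target, restrict it to http/https schemes first.
        echo "" . htmlspecialchars($row['url'], ENT_QUOTES) . "\n";
    }
    echo "Submitted: " . htmlspecialchars($row['date_added'], ENT_QUOTES);
    echo " by " . htmlspecialchars($row['contributor_login'], ENT_QUOTES) . " \n";
    echo "Updated: " . htmlspecialchars($row['date_updated'], ENT_QUOTES) . " \n";
    echo " | \n";
    $no_image = 0;
    $image_row = getImage('book', $row['id']);
    if (! empty($image_row['name'])) {
        echo "";
        echo " ";
    } else {
        $no_image = 1;
    }
    echo " |
";
    echo "
\n";
    //show_reviews($row['id'],$GLOBALS['reviewer_id']);
    if ($no_image) {
        echo " | Add Image
";
    }
}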
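/**
 * Print one row of the compact book table, preceded by the column headings
 * on the first call of the request.
 *
 * Name, subtitle and ASIN are HTML-encoded where they are written, because
 * they are user-submitted and would otherwise be stored script injection.
 *
 * @param array $row Book row with name, subtitle, asin and contributor_id.
 */
function compactView($row)
{
    // Call counter: selects the heading on the first call and numbers the rows.
    static $count = 0;
    if ($count++ < 1) {
        echo "\n";
        echo " | \n";
        echo "Buy | \n";
        echo " Name | \n";
        echo " subtitle | \n";
        echo " ISBN | \n";
        echo " Edit | \n";
        echo "
\n";
    }
    echo "\n";
    echo " | $count | \n";
    echo " Buy! | \n";
    // $view_url = $GLOBALS['SCRIPT_NAME'] . "?view=long&id=" . $row['id'];
    echo " " . htmlspecialchars($row['name'], ENT_QUOTES) . " | \n";
    echo " " . htmlspecialchars($row['subtitle'], ENT_QUOTES) . " | \n";
    echo " " . htmlspecialchars($row['asin'], ENT_QUOTES) . " | \n";
    // Only affects which links are displayed; the edit action must enforce
    // ownership itself.
    if (($row['contributor_id'] == $GLOBALS['auth']->auth['tofu_id']) || ($GLOBALS['perm']->have_perm('admin')) ) {
        echo "Edit | \n";
    } else {
        echo " | \n";
    }
    echo "
\n";
}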
/**
 * Write the view-switching links that the main program prints after every
 * page body, then include the Amazon search box fragment.
 *
 * The include path is a fixed literal, so no request value selects the file.
 */
function footer()
{
    print "\n";
    // The "All" entry is written only while $GLOBALS['id'] is set and truthy.
    if ($GLOBALS['id']) {
        print "
All |\n";
    }
    print "Long | " . "Compact |\n";
    print "Add Book
";
    print "\n";
    include 'amazon_searchbox.inc.php3';
}
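//--------- main program
// NOTE(review): $mode, $submit, $id, $view, $sort and $book__id are read below
// but never assigned in this file; presumably they are populated from the
// request (register_globals or the included libraries) -- confirm. They are
// treated as untrusted here.
//if (!isset($title)) { $title = 'Book'; }
include("lib.tofuguide.php3");
include("db.inc.php3");
$tables = parse_tables();

// $id flows into the page title, getName(), load() and view(). Anything other
// than a plain digit string is treated as "no id given".
if (!empty($id) && !((is_int($id) || is_string($id)) && preg_match('/\A[0-9]+\z/', (string) $id))) {
    $id = '';
}

if ($mode == 'edit') {
    $auth->login_if(! $perm->have_perm('user'));
    // make sure they own the book or are an admin
    //print "user id is " . $GLOBALS['user']->auth['user_id'];
    if ($submit == 'Update') {
        // NOTE(review): contributor_id is taken from parse_tables(), whose
        // source is not visible here. If it is built from submitted form
        // fields, this compares the caller's id against a value the caller
        // supplied and does not establish ownership of the stored row --
        // confirm, and check against the contributor_id stored for the book
        // being updated.
        if (($tables['book']['contributor_id'] != $auth->auth['tofu_id']) and (! $perm->have_perm('admin')) ) {
            include("header.inc.php3");
            echo "It looks like you shouldn't be editing this. You currently can't update something another user posted. We hope to fix that soon. Thanks for trying. Why don't you tell us what needs changed?
";
            // Dump of the parsed fields. Keys and values are HTML-encoded
            // because they may echo what the client sent.
            // NOTE(review): this looks like leftover debug output; consider
            // removing it from the refusal page.
            print "";
            for(reset($tables); $key = key($tables); next($tables)) {
                // A nested group prints as the word "Array", as it did before.
                $group_text = is_array($tables[$key]) ? 'Array' : htmlspecialchars($tables[$key], ENT_QUOTES);
                print "- " . htmlspecialchars($key, ENT_QUOTES) . " -> " . $group_text;
                print "
";
                for(reset($tables[$key]); $innerkey = key($tables[$key]); next($tables[$key])) {
                    $field_text = is_array($tables[$key][$innerkey]) ? 'Array' : htmlspecialchars($tables[$key][$innerkey], ENT_QUOTES);
                    print "- " . htmlspecialchars($innerkey, ENT_QUOTES) . " -> " . $field_text;
                }
                print "
";
            }
            print "
";
        } else {
            $auth->login_if(! $perm->have_perm('user'));
            $new_id = update($tables);
            // The id is URL-encoded so it cannot add parameters or other
            // characters to the Location header; digit ids pass unchanged.
            if (! empty($book__id)) {
                header("Location: " . $GLOBALS['SCRIPT_NAME'] . "?view=long&id=" . rawurlencode((string) $book__id));
            } else {
                header("Location: " . $GLOBALS['SCRIPT_NAME'] . "?view=long&id=" . rawurlencode((string) $new_id));
            }
        }
    } else {
        // NOTE(review): getName() returns stored text and header.inc.php3 is
        // not visible here -- confirm it HTML-encodes $title when printing it.
        if (! empty($id)) {
            $title = "Edit Book #" . $id . " " . getName('book', $id);
        } else {
            $title = "Add Book";
        }
        include("header.inc.php3");
        edit(load($id));
    }
} else {
    if (! empty($id)) {
        $title = "View Book #" . $id . " " . getName('book', $id);
    } else {
        $title = "Books";
    }
    include("header.inc.php3");
    view($view,$id,$sort);
}
footer();
//--------- main program
include("footer.inc.php3");
page_close();
?>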