Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

BlogThis develoment

edited January 2010 in Vanilla 2.0 - 2.8
Anyone working on a port for BlogThis addon for V2?

If not, any one willing to do it for a price?

Comments

  • Options
    Bump! Still no one willing to port this to V2?
  • Options
    V2 is still work in progress, most people don't want to commit too much to it right now.
  • Options
    fair enough, moving forward then with .10

    Way to many addons i need to wait for v2.
  • Options
    RaizeRaize vancouver ✭✭
    BlogThis was by far the most valuable add-on for my site.

    Much easier than trying to do it the other way around (integrate a forum with a blog).
  • Options
    I'm probably gonna build an application for Garden to work as blog
  • Options
    lucluc ✭✭
    edited February 2010
    I've already done something, but this is just to be used as a tutorial.

    http://bitbucket.org/bean/simpleblog/

    It's been a while since I had time to redo the different steps and document it.
    I planned to show this to @Mark once everything is written, to be used as the "Application" doc. Hopefully, I will find time to finish this within a month.
  • Options
    SS ✭✭
    edited February 2010
    @luc
    I've seen simpleblog's code and I have some comments.

    1. Add/Edit are similarity. No need separate the code in controller and views.
    Use such:

    public function Add(){
    $this->Permission('Blog.Entry.Add');
    $this->View = 'Edit';
    $this->Edit();
    }

    public function Edit($ID = ''){
    if (Is_Numeric($ID)){
    $Data = $Model->GetID($ID);
    if($Data == False) Redirect('garden/home/filenotfound');
    // editing
    // check permissions here
    }else{
    // new
    }
    ....
    $this->Render();
    }

    And views too. See example code in applications\vanilla\views\post\comment.php

    2. Model.
    $SimpleblogModel = new Gdn_Model('Simpleblog', $Validation);
    Gdn_Model - accept only one param: table name. But why you use class "Gdn_Model" if you created special class model "SimpleblogModel"?

    3. Security. You getting UserID from hidden field and dont checking it in Model::Save(). So hacker can add blog entry for any user with substituted post request.

    3.1. echo sprintf('%s', $Blog->Body); - bad construction.
    Use Format::Html() or Format::To($Blog->Body, 'Html')

    4. SimpleblogModel::Save(). Actually this method is uselless for this simple construction. Parent method of Gdn_Model will do this (and validation too, if "UserID" field was named InsertUserID)
  • Options
    lucluc ✭✭
    edited February 2010
    Thanks @S.

    1. the 2 methods/views are done on purpose. To teach people how to write things, I think it will confuse people if everything is merged directly. But it could, definitely, be merged in a future step of the tutorial it's meant to be.

    2. no idea. :)

    3. Indeed, it will have been one of the caveat written in the tutorial commentary, as many other checks are missing too, checks complicates code for beginners.

    3.1 It's used in vanilla2 code somewhere though, as it's where I've picked it :).

    4. It's been a while since I wrote all this, and I've had pratically no php experience beforehand, and not that much programming experience too :).
    I'll have a look again.



    It is indeed something not to use in the real world as many things are missing (some of those are already stated in the wiki page of the project), the purpose of this is to understand how you can write an application with garden.
    The differents commits in the project will be whipped clean, and new ones following each steps will be created so that users can learn from it, viewing the diffs easily.
    I aim it for beginners, not for people used to do php already.


    Thanks for the feedback, maybe if I have time, or demand is high, it will grow into a real blogging system, but don't count on it.
Sign In or Register to comment.