Beispiel #1
0
/**
* Display main view (list of years)
*
* Displays an overview of all the years and months, starting with the first
* year for which a story has been posted. Can optionally display a list of
* the stories for the current month at the top of the page.
*
* @param    ref    &$template  reference of the template
* @param    string  $dir_topic current topic
* @return   string             list of all the years in the db
*
*/
function DIR_displayAll(&$template, $dir_topic)
{
    global $_TABLES, $LANG_DIR;
    $retval = '';
    $yearsql = array();
    $yearsql['mysql'] = "SELECT DISTINCT YEAR(date) AS year,date\n        FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n        WHERE (draft_flag = 0) AND (date <= NOW())\n        AND ta.type = 'article' AND ta.id = sid\n        " . COM_getTopicSql('AND', 0, 'ta') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $yearsql['mssql'] = "SELECT YEAR(date) AS year\n        FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n        WHERE (draft_flag = 0) AND (date <= NOW())\n        AND ta.type = 'article' AND ta.id = sid\n        " . COM_getTopicSql('AND', 0, 'ta') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $yearsql['pgsql'] = "SELECT EXTRACT( YEAR from date) AS year\n        FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n        WHERE (draft_flag = 0) AND (date <= NOW())\n        AND ta.type = 'article' AND ta.id = sid\n        " . COM_getTopicSql('AND', 0, 'ta') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $ysql = array();
    $ysql['mysql'] = $yearsql['mysql'] . " GROUP BY YEAR(date) ORDER BY date DESC";
    $ysql['mssql'] = $yearsql['mssql'] . " GROUP BY YEAR(date) ORDER BY YEAR(date) DESC";
    $ysql['pgsql'] = $yearsql['pgsql'] . " GROUP BY year,date ORDER BY year DESC";
    $yresult = DB_query($ysql);
    $numyears = DB_numRows($yresult);
    if ($numyears > 0) {
        for ($i = 0; $i < $numyears; $i++) {
            $Y = DB_fetchArray($yresult);
            if (TEMPLATE_EXISTS) {
                $template->set_var('section_title', $Y['year']);
                $retval .= $template->parse('title', 'section-title') . LB;
            } else {
                $retval .= '<h3>' . $Y['year'] . '</h3>' . LB;
            }
            $retval .= DIR_displayYear($template, $dir_topic, $Y['year']);
        }
    } else {
        if (TEMPLATE_EXISTS) {
            $retval .= $template->parse('message', 'no-articles') . LB;
        } else {
            $retval .= '<p>' . $LANG_DIR['no_articles'] . '</p>' . LB;
        }
    }
    return $retval;
}
/**
* Returns a list of stories with a give topic id
*/
function SITEMAPMENU_listStory($tid)
{
    global $_CONF, $_TABLES, $LANG_DIR;
    $retval = '';
    $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day " . "FROM {$_TABLES['stories']} " . "WHERE (draft_flag = 0) AND (date <= NOW())";
    if ($tid != 'all') {
        $sql .= " AND (tid = '{$tid}')";
    }
    $sql .= COM_getTopicSql('AND') . COM_getPermSql('AND') . " ORDER BY date DESC";
    $result = DB_query($sql);
    $numrows = DB_numRows($result);
    if ($numrows > 0) {
        $entries = array();
        for ($i = 0; $i < $numrows; $i++) {
            $A = DB_fetchArray($result);
            $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
            $entries[] = '<a class="nav-link" href="' . $url . '">' . SITEMAPMENU_esc(stripslashes($A['title'])) . '</a>';
        }
        $retval .= COM_makeList($entries) . LB;
    }
    return $retval;
}
Beispiel #3
0
/**
* Shows any new information in a block
*
* Return the HTML that shows any new stories, comments, etc
*
* @param    string  $help     Help file for block
* @param    string  $title    Title used in block header
* @param    string  $position Position in which block is being rendered 'left', 'right' or blank (for centre)
* @return   string  Return the HTML that shows any new stories, comments, etc
*
*/
function COM_whatsNewBlock($help = '', $title = '', $position = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG_WHATSNEW, $page, $newstories;
    $retval = COM_startBlock($title, $help, COM_getBlockTemplate('whats_new_block', 'header', $position));
    $topicsql = '';
    if ($_CONF['hidenewstories'] == 0 || $_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $topicsql = COM_getTopicSql('AND', 0, $_TABLES['stories']);
    }
    if ($_CONF['hidenewstories'] == 0) {
        $archsql = '';
        $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
        if (!empty($archivetid)) {
            $archsql = " AND (tid <> '" . addslashes($archivetid) . "')";
        }
        // Find the newest stories
        $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        $nrows = $A['count'];
        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name='whats_new_block'");
        }
        // Any late breaking news stories?
        $retval .= '<h3>' . $LANG01[99] . '</h3>';
        if ($nrows > 0) {
            $newmsg = COM_formatTimeString($LANG_WHATSNEW['new_string'], $_CONF['newstoriesinterval'], $LANG01[11], $nrows);
            if ($newstories && $page < 2) {
                $retval .= $newmsg . '<br' . XHTML . '>';
            } else {
                $retval .= COM_createLink($newmsg, $_CONF['site_url'] . '/index.php?display=new') . '<br' . XHTML . '>';
            }
        } else {
            $retval .= $LANG01[100] . '<br' . XHTML . '>';
        }
        if ($_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0 || $_CONF['hidenewplugins'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }
    if ($_CONF['hidenewcomments'] == 0) {
        // Go get the newest comments
        $retval .= '<h3>' . $LANG01[83] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']) . '</small></h3>';
        $stwhere = '';
        if (!COM_isAnonUser()) {
            $stwhere .= "({$_TABLES['stories']}.owner_id IS NOT NULL AND {$_TABLES['stories']}.perm_owner IS NOT NULL) OR ";
            $stwhere .= "({$_TABLES['stories']}.group_id IS NOT NULL AND {$_TABLES['stories']}.perm_group IS NOT NULL) OR ";
            $stwhere .= "({$_TABLES['stories']}.perm_members IS NOT NULL)";
        } else {
            $stwhere .= "({$_TABLES['stories']}.perm_anon IS NOT NULL)";
        }
        $sql = "SELECT DISTINCT COUNT(*) AS dups, type, {$_TABLES['stories']}.title, {$_TABLES['stories']}.sid, max({$_TABLES['comments']}.date) AS lastdate FROM {$_TABLES['comments']} LEFT JOIN {$_TABLES['stories']} ON (({$_TABLES['stories']}.sid = {$_TABLES['comments']}.sid)" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.commentcode >= 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . ") WHERE ({$_TABLES['comments']}.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newcommentsinterval']} SECOND))) AND ((({$stwhere}))) GROUP BY {$_TABLES['comments']}.sid,type, {$_TABLES['stories']}.title, {$_TABLES['stories']}.title, {$_TABLES['stories']}.sid ORDER BY 5 DESC LIMIT 15";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $newcomments = array();
            for ($x = 0; $x < $nrows; $x++) {
                $A = DB_fetchArray($result);
                if ($A['type'] == 'article' || empty($A['type'])) {
                    $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#comments';
                }
                $title = COM_undoSpecialChars(stripslashes($A['title']));
                $titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                if ($title != $titletouse) {
                    $attr = array('title' => htmlspecialchars($title));
                } else {
                    $attr = array();
                }
                $acomment = str_replace('$', '&#36;', $titletouse);
                $acomment = str_replace(' ', '&nbsp;', $acomment);
                if ($A['dups'] > 1) {
                    $acomment .= ' [+' . $A['dups'] . ']';
                }
                $newcomments[] = COM_createLink($acomment, $url, $attr);
            }
            $retval .= COM_makeList($newcomments, 'list-new-comments');
        } else {
            $retval .= $LANG01[86] . '<br' . XHTML . '>' . LB;
        }
        if ($_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }
    if ($_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $retval .= '<h3>' . $LANG01[114] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newtrackbackinterval']) . '</small></h3>';
        $sql = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $newcomments = array();
            for ($i = 0; $i < $nrows; $i++) {
                $A = DB_fetchArray($result);
                $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#trackback';
                $title = COM_undoSpecialChars(stripslashes($A['title']));
                $titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                if ($title != $titletouse) {
                    $attr = array('title' => htmlspecialchars($title));
                } else {
                    $attr = array();
                }
                $acomment = str_replace('$', '&#36;', $titletouse);
                $acomment = str_replace(' ', '&nbsp;', $acomment);
                if ($A['count'] > 1) {
                    $acomment .= ' [+' . $A['count'] . ']';
                }
                $newcomments[] = COM_createLink($acomment, $url, $attr);
            }
            $retval .= COM_makeList($newcomments, 'list-new-trackbacks');
        } else {
            $retval .= $LANG01[115] . '<br' . XHTML . '>' . LB;
        }
        if ($_CONF['hidenewplugins'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }
    if ($_CONF['hidenewplugins'] == 0) {
        list($headlines, $smallheadlines, $content) = PLG_getWhatsNew();
        $plugins = count($headlines);
        if ($plugins > 0) {
            for ($i = 0; $i < $plugins; $i++) {
                $retval .= '<h3>' . $headlines[$i] . ' <small>' . $smallheadlines[$i] . '</small></h3>';
                if (is_array($content[$i])) {
                    $retval .= COM_makeList($content[$i], 'list-new-plugins');
                } else {
                    $retval .= $content[$i];
                }
                if ($i + 1 < $plugins) {
                    $retval .= '<br' . XHTML . '>';
                }
            }
        }
    }
    $retval .= COM_endBlock(COM_getBlockTemplate('whats_new_block', 'footer', $position));
    return $retval;
}
Beispiel #4
0
$totalhits = DB_getItem($_TABLES['vars'], 'value', "name = 'totalhits'");
$data_arr[] = array('title' => $LANG10[2], 'stats' => COM_NumberFormat($totalhits));
if ($_CONF['lastlogin']) {
    // if we keep track of the last login date, count the number of users
    // that have logged in during the last 4 weeks
    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['users']} AS u,{$_TABLES['userinfo']} AS i WHERE (u.uid > 1) AND (u.uid = i.uid) AND (lastlogin <> '') AND (lastlogin >= UNIX_TIMESTAMP(DATE_SUB(NOW(), INTERVAL 28 DAY)))");
    list($active_users) = DB_fetchArray($result);
} else {
    // otherwise, just count all users with status 'active'
    // (i.e. those that logged in at least once and have not been banned since)
    $active_users = DB_count($_TABLES['users'], 'status', 3);
    $active_users--;
    // don't count the anonymous user account
}
$data_arr[] = array('title' => $LANG10[27], 'stats' => COM_NumberFormat($active_users));
$topicsql = COM_getTopicSql('AND');
$id = array('draft_flag', 'date');
$values = array('0', 'NOW()');
$result = DB_query("SELECT COUNT(*) AS count,SUM(comments) AS ccount FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND') . $topicsql);
$A = DB_fetchArray($result);
if (empty($A['ccount'])) {
    $A['ccount'] = 0;
}
$data_arr[] = array('title' => $LANG10[3], 'stats' => COM_NumberFormat($A['count']) . " (" . COM_NumberFormat($A['ccount']) . ")");
// new stats plugin API call
$plg_stats = PLG_getPluginStats(3);
if (count($plg_stats) > 0) {
    foreach ($plg_stats as $pstats) {
        if (is_array($pstats[0])) {
            foreach ($pstats as $pmstats) {
                $data_arr[] = array('title' => $pmstats[0], 'stats' => $pmstats[1]);
Beispiel #5
0
/**
* Display form to email a story to someone.
*
* @param    string  $sid    ID of article to email
* @return   string          HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $display = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $display .= SEC_loginRequiredForm();
        $display .= COM_siteFooter();
        echo $display;
        exit;
    }
    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getTopicSql('AND') . COM_getPermSql('AND'));
    $A = DB_fetchArray($result);
    if ($A['count'] == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    if ($msg > 0) {
        $retval .= COM_showMessage($msg, '', '', 0, 'info');
    }
    if (empty($from) && empty($fromemail)) {
        if (!COM_isAnonUser()) {
            $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
            $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
        }
    }
    $postmode = $_CONF['mailuser_postmode'];
    $mail_template = new Template($_CONF['path_layout'] . 'profiles');
    $mail_template->set_file('form', 'contactauthorform.thtml');
    if ($postmode == 'html') {
        $mail_template->set_var('show_htmleditor', true);
    } else {
        $mail_template->unset_var('show_htmleditor');
    }
    $mail_template->set_var('lang_postmode', $LANG03[2]);
    $mail_template->set_var('postmode', $postmode);
    $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $mail_template->set_var('lang_fromname', $LANG08[20]);
    $mail_template->set_var('name', $from);
    $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
    $mail_template->set_var('email', $fromemail);
    $mail_template->set_var('lang_toname', $LANG08[18]);
    $mail_template->set_var('toname', $to);
    $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
    $mail_template->set_var('toemail', $toemail);
    $mail_template->set_var('lang_shortmessage', $LANG08[27]);
    $mail_template->set_var('shortmsg', @htmlspecialchars($shortmsg, ENT_COMPAT, COM_getEncodingt()));
    $mail_template->set_var('lang_warning', $LANG08[22]);
    $mail_template->set_var('lang_sendmessage', $LANG08[16]);
    $mail_template->set_var('story_id', $sid);
    PLG_templateSetVars('emailstory', $mail_template);
    $mail_template->set_var('end_block', COM_endBlock());
    $mail_template->parse('output', 'form');
    $retval .= $mail_template->finish($mail_template->get_var('output'));
    return $retval;
}
Beispiel #6
0
    }
}
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));
if (empty($id)) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
    exit;
}
if (empty($type)) {
    $type = 'article';
}
if ($type == 'article') {
    // check if they have access to this story
    $sid = DB_escapeString($id);
    $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']} WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . COM_getTopicSql('AND'));
    if (DB_numRows($result) == 1) {
        $A = DB_fetchArray($result);
        if ($A['trackbackcode'] == 0) {
            TRB_handleTrackbackPing($id, $type);
        } else {
            TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
        }
    } else {
        TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
    }
} else {
    if (PLG_handlePingComment($type, $id, 'acceptByID') === true) {
        TRB_handleTrackbackPing($id, $type);
    } else {
        TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
Beispiel #7
0
 /**
  * Returns an array of (
  *   'id'        => $id (string),
  *   'title'     => $title (string),
  *   'uri'       => $uri (string),
  *   'date'      => $date (int: Unix timestamp),
  *   'image_uri' => $image_uri (string)
  * )
  */
 public function getItemsByDate($tid = '', $all_langs = FALSE)
 {
     global $_CONF, $_TABLES;
     $entries = array();
     if (empty(Dataproxy::$startDate) or empty(Dataproxy::$endDate)) {
         return $entries;
     }
     $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day " . "  FROM {$_TABLES['stories']} " . "WHERE (draft_flag = 0) AND (date <= NOW()) " . "  AND (UNIX_TIMESTAMP(date) BETWEEN '" . Dataproxy::$startDate . "' AND '" . Dataproxy::$endDate . "') ";
     if (!empty($tid)) {
         $sql .= "AND (tid = '" . addslashes($tid) . "') ";
     }
     if (!Dataproxy::isRoot()) {
         $sql .= COM_getTopicSql('AND', Dataproxy::uid()) . COM_getPermSql('AND', Dataproxy::uid());
         if (function_exists('COM_getLangSQL') and $all_langs === FALSE) {
             $sql .= COM_getLangSQL('sid', 'AND');
         }
     }
     $result = DB_query($sql);
     if (DB_error()) {
         return $entries;
     }
     while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
         $entry = array();
         $entry['id'] = stripslashes($A['sid']);
         $entry['title'] = stripslashes($A['title']);
         $entry['uri'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . stripslashes($A['sid']));
         $entry['date'] = $A['day'];
         $entry['imageurl'] = FALSE;
         $entries[] = $entry;
     }
     return $entries;
 }
Beispiel #8
0
 /**
  * Sets up basic data for a new user submission story
  */
 public function initSubmission()
 {
     global $_USER, $_CONF, $_TABLES, $topic;
     if (COM_isAnonUser()) {
         $this->_uid = 1;
     } else {
         $this->_uid = $_USER['uid'];
     }
     // initialize the GLText version to the latest version
     $this->_text_version = GLTEXT_LATEST_VERSION;
     $this->_postmode = $_CONF['postmode'];
     // If a topic has been specified, use it, if permitted
     // otherwise, fall back to the default permitted topic.
     // if we still don't have one...
     // Have we specified a permitted topic?
     if (!empty($topic)) {
         $allowed = DB_getItem($_TABLES['topics'], 'tid', "tid = '" . DB_escapeString($topic) . "'" . COM_getTopicSql('AND'));
         if ($allowed != $topic) {
             $topic = '';
         }
     }
     // Do we now not have a topic?
     if (empty($topic)) {
         // Get default permitted:
         $topic = DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND'));
     }
     // Use what we have:
     $this->_tid = $topic;
     $this->_date = time();
 }
Beispiel #9
0
/**
* Check if the current user is allowed to delete trackback comments.
*
* @param    string  $sid    ID of the parent object of the comment
* @param    string  $type   type of the parent object ('article' = story, etc.)
* @return   boolean         true = user can delete the comment, false = nope
*
*/
function TRB_allowDelete($sid, $type)
{
    global $_TABLES;
    $allowed = false;
    if ($type == 'article') {
        $sid = addslashes($sid);
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'" . COM_getPermSql('AND', 0, 3) . COM_getTopicSql('AND'));
        $A = DB_fetchArray($result);
        if (SEC_hasRights('story.edit') && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) {
            $allowed = true;
        } else {
            $allowed = false;
        }
    } else {
        $allowed = PLG_handlePingComment($type, $sid, 'delete');
    }
    return $allowed;
}
Beispiel #10
0
/**
* Shows story editor
*
* Displays the story entry form
*
* @param    string      $sid            ID of story to edit
* @param    string      $action         'preview', 'edit', 'moderate', 'draft'
* @param    string      $errormsg       a message to display on top of the page
* @param    string      $currenttopic   topic selection for drop-down menu
* @return   string      HTML for story editor
*
*/
function STORY_edit($sid = '', $action = '', $errormsg = '', $currenttopic = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG24, $LANG33, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_IMAGE_TYPE;
    USES_lib_admin();
    $display = '';
    switch ($action) {
        case 'clone':
        case 'edit':
        case 'preview':
        case 'error':
            $title = $LANG24[5];
            $saveoption = $LANG_ADMIN['save'];
            $submission = false;
            break;
        case 'moderate':
            $title = $LANG24[90];
            $saveoption = $LANG_ADMIN['moderate'];
            $submission = true;
            break;
        case 'draft':
            $title = $LANG24[91];
            $saveoption = $LANG_ADMIN['save'];
            $submission = true;
            $action = 'edit';
            break;
        default:
            $title = $LANG24[5];
            $saveoption = $LANG_ADMIN['save'];
            $submission = false;
            $action = 'edit';
            break;
    }
    // Load HTML templates
    $story_templates = new Template($_CONF['path_layout'] . 'admin/story');
    $story_templates->set_file(array('editor' => 'storyeditor.thtml'));
    if (!isset($_CONF['hour_mode'])) {
        $_CONF['hour_mode'] = 12;
    }
    if (!empty($errormsg)) {
        $display .= COM_showMessageText($errormsg, $LANG24[25], true);
    }
    if (!empty($currenttopic)) {
        $allowed = DB_getItem($_TABLES['topics'], 'tid', "tid = '" . DB_escapeString($currenttopic) . "'" . COM_getTopicSql('AND'));
        if ($allowed != $currenttopic) {
            $currenttopic = '';
        }
    }
    $story = new Story();
    if ($action == 'preview' || $action == 'error') {
        while (list($key, $value) = each($_POST)) {
            if (!is_array($value)) {
                $_POST[$key] = $value;
            } else {
                while (list($subkey, $subvalue) = each($value)) {
                    $value[$subkey] = $subvalue;
                }
            }
        }
        $result = $story->loadFromArgsArray($_POST);
    } else {
        $result = $story->loadFromDatabase($sid, $action);
    }
    if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied'], true);
        COM_accessLog("User {$_USER['username']} tried to access story {$sid}. - STORY_PERMISSION_DENIED or STORY_NO_ACCESS_PARAMS - " . $result);
        return $display;
    } elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
        $display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied'], true);
        $display .= STORY_renderArticle($story, 'p');
        COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}. - STORY_EDIT_DENIED or STORY_EXISTING_NO_EDIT_PERMISSION");
        return $display;
    } elseif ($result == STORY_INVALID_SID) {
        if ($action == 'moderate') {
            // that submission doesn't seem to be there any more (may have been
            // handled by another Admin) - take us back to the moderation page
            echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            echo COM_refresh($_CONF['site_admin_url'] . '/story.php');
        }
    } elseif ($result == STORY_DUPLICATE_SID) {
        $story_templates->set_var('error_message', $LANG24[24]);
    } elseif ($result == STORY_EMPTY_REQUIRED_FIELDS) {
        $story_templates->set_var('error_message', $LANG24[31]);
    }
    if (empty($currenttopic) && $story->EditElements('tid') == '') {
        $story->setTid(DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND')));
    } else {
        if ($story->EditElements('tid') == '') {
            $story->setTid($currenttopic);
        }
    }
    if (SEC_hasRights('story.edit')) {
        $allowedTopicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true, 0);
        $allowedAltTopicList = '<option value="">' . $LANG33[44] . '</option>' . COM_topicList('tid,topic', $story->EditElements('alternate_tid'), 1, true, 0);
    } else {
        $allowedTopicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true, 3);
        $allowedAltTopicList = '<option value="">' . $LANG33[44] . '</option>' . COM_topicList('tid,topic', $story->EditElements('alternate_tid'), 1, true, 3);
    }
    if ($allowedTopicList == '') {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied'], true);
        COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}. No allowed topics.");
        return $display;
    }
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/story.php', 'text' => $LANG_ADMIN['story_list']), array('url' => $_CONF['site_admin_url'] . '/moderation.php', 'text' => $LANG_ADMIN['submissions']));
    if (SEC_inGroup('Root')) {
        $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/story.php?global=x', 'text' => 'Global Settings');
    }
    $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);
    require_once $_CONF['path_system'] . 'classes/navbar.class.php';
    $story_templates->set_var('hour_mode', $_CONF['hour_mode']);
    if ($story->hasContent()) {
        $previewContent = STORY_renderArticle($story, 'p');
        if ($previewContent != '') {
            $story_templates->set_var('preview_content', $previewContent);
        }
    }
    $navbar = new navbar();
    if (!empty($previewContent)) {
        $navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
        $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
        $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
        $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
        $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
        $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
        $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
    } else {
        $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
        $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
        $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
        $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
        $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
        $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
    }
    if ($action == 'preview') {
        $story_templates->set_var('show_preview', '');
        $story_templates->set_var('show_htmleditor', 'none');
        $story_templates->set_var('show_texteditor', 'none');
        $story_templates->set_var('show_submitoptions', 'none');
        $navbar->set_selected($LANG24[79]);
    } else {
        $navbar->set_selected($LANG24[80]);
        $story_templates->set_var('show_preview', 'none');
    }
    $story_templates->set_var('navbar', $navbar->generate());
    $story_templates->set_var('start_block', COM_startBlock($title, '', COM_getBlockTemplate('_admin_block', 'header')));
    // start generating the story editor block
    $story_templates->set_var('block_start', COM_startBlock($title, '', COM_getBlockTemplate('_admin_block', 'header')));
    $oldsid = $story->EditElements('originalSid');
    if (!empty($oldsid)) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="deletestory"%s/>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $story_templates->set_var('lang_delete_confirm', $MESSAGE[76]);
    }
    if ($submission || $story->type == 'submission') {
        $story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"/>');
    }
    $story_templates->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG24[92], $_CONF['layout_url'] . '/images/icons/story.' . $_IMAGE_TYPE));
    $story_templates->set_var('lang_author', $LANG24[7]);
    $storyauthor = COM_getDisplayName($story->EditElements('uid'));
    $storyauthor_select = COM_optionList($_TABLES['users'], 'uid,username', $story->EditElements('uid'));
    $story_templates->set_var('story_author', $storyauthor);
    $story_templates->set_var('story_author_select', $storyauthor_select);
    $story_templates->set_var('author', $storyauthor);
    $story_templates->set_var('story_uid', $story->EditElements('uid'));
    // user access info
    $story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($story->EditElements('owner_id'));
    $story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $story->EditElements('owner_id')));
    $story_templates->set_var('owner_name', $ownername);
    $story_templates->set_var('owner', $ownername);
    $story_templates->set_var('owner_id', $story->EditElements('owner_id'));
    if (SEC_hasRights('story.edit')) {
        $story_templates->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $story->EditElements('owner_id')));
    } else {
        $ownerInfo = '<input type="hidden" name="owner_id" value="' . $story->editElements('owner_id') . '" />' . $ownername;
        $story_templates->set_var('owner_dropdown', $ownerInfo);
    }
    $story_templates->set_var('lang_group', $LANG_ACCESS['group']);
    if (SEC_inGroup($story->EditElements('group_id'))) {
        $story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
    } else {
        $gdrpdown = '<input type="hidden" name="group_id" value="' . $story->EditElements('group_id') . '"/>';
        $grpddown .= DB_getItem($_TABLES['groups'], 'grp_name', 'grp_id=' . (int) $story->EditElements('group_id'));
        $story_templates->set_var('group_dropdown', $grpddown);
    }
    $story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
    $story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
    $story_templates->set_var('lang_date', $LANG24[15]);
    $story_templates->set_var('publish_second', $story->EditElements('publish_second'));
    $publish_ampm = '';
    $publish_hour = $story->EditElements('publish_hour');
    if ($publish_hour >= 12) {
        if ($publish_hour > 12) {
            $publish_hour = $publish_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
    $story_templates->set_var('publishampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
    $story_templates->set_var('publish_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
    $story_templates->set_var('publish_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
    $story_templates->set_var('publish_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($publish_hour);
    }
    $story_templates->set_var('publish_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
    $story_templates->set_var('publish_minute_options', $minute_options);
    $story_templates->set_var('publish_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
    $story_templates->set_var('expire_second', $story->EditElements('expire_second'));
    $expire_ampm = '';
    $expire_hour = $story->EditElements('expire_hour');
    if ($expire_hour >= 12) {
        if ($expire_hour > 12) {
            $expire_hour = $expire_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="expire_ampm" value=""/>';
    }
    $story_templates->set_var('expireampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
    $story_templates->set_var('expire_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
    $story_templates->set_var('expire_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
    $story_templates->set_var('expire_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($expire_hour);
    }
    $story_templates->set_var('expire_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
    $story_templates->set_var('expire_minute_options', $minute_options);
    $story_templates->set_var('expire_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
    if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked3', 'checked="checked"');
        $story_templates->set_var('showarchivedisabled', 'false');
    } elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked4', 'checked="checked"');
        $story_templates->set_var('showarchivedisabled', 'false');
    } else {
        $story_templates->set_var('showarchivedisabled', 'true');
    }
    $story_templates->set_var('lang_archivetitle', $LANG24[58]);
    $story_templates->set_var('lang_option', $LANG24[59]);
    $story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $story_templates->set_var('lang_story_stats', $LANG24[87]);
    $story_templates->set_var('lang_optionarchive', $LANG24[61]);
    $story_templates->set_var('lang_optiondelete', $LANG24[62]);
    $story_templates->set_var('lang_title', $LANG_ADMIN['title']);
    $story_templates->set_var('story_title', $story->EditElements('title'));
    $story_templates->set_var('story_subtitle', $story->EditElements('subtitle'));
    $story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $story_templates->set_var('lang_alt_topic', $LANG_ADMIN['alt_topic']);
    $story_templates->set_var('topic_options', $allowedTopicList);
    $story_templates->set_var('alt_topic_options', $allowedAltTopicList);
    $story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
    if ($story->EditElements('show_topic_icon') == 1) {
        $story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
    } else {
        $story_templates->set_var('show_topic_icon_checked', '');
    }
    $story_templates->set_var('story_image_url', $story->EditElements('story_image'));
    $story_templates->set_var('lang_draft', $LANG24[34]);
    if ($story->EditElements('draft_flag')) {
        $story_templates->set_var('is_checked', 'checked="checked"');
        $story_templates->set_var('unpublished_selected', 'selected="selected"');
    } else {
        $story_templates->set_var('published_selected', 'selected="selected"');
    }
    $story_templates->set_var('lang_mode', $LANG24[3]);
    $story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
    $story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
    $story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
    // comment expire
    $story_templates->set_var('lang_cmt_disable', $LANG24[63]);
    if ($story->EditElements('cmt_close')) {
        $story_templates->set_var('is_checked5', 'checked="checked"');
        //check box if enabled
        $story_templates->set_var('showcmtclosedisabled', 'false');
    } else {
        $story_templates->set_var('showcmtclosedisabled', 'true');
    }
    $month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
    $story_templates->set_var('cmt_close_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
    $story_templates->set_var('cmt_close_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('cmt_close_year'));
    $story_templates->set_var('cmt_close_year_options', $year_options);
    $cmt_close_ampm = '';
    $cmt_close_hour = $story->EditElements('cmt_close_hour');
    //correct hour
    if ($cmt_close_hour >= 12) {
        if ($cmt_close_hour > 12) {
            $cmt_close_hour = $cmt_close_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="cmt_close_ampm" value="" />';
    }
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    }
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
        $featured_options_data = COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured'));
        $story_templates->set_var('featured_options_data', $featured_options_data);
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"/>";
        $story_templates->unset_var('featured_options_data');
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('lang_publishdate', $LANG24[69]);
    $story_templates->set_var('lang_nojavascript', $LANG24[77]);
    $story_templates->set_var('postmode', $story->EditElements('postmode'));
    if ($story->EditElements('postmode') == 'plaintext' || $story->EditElements('postmode') == 'text') {
        $allowedHTML = '';
    } else {
        $allowedHTML = COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>';
    }
    $allowedHTML .= COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story');
    $story_templates->set_var('lang_allowed_html', $allowedHTML);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', DB_escapeString($story->getSid()));
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . DB_escapeString($story->getSid()) . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']" /><br />';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file[]' . '" />';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br />';
            }
        }
        $fileinputs .= '<br />' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br />';
    }
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($_CONF['rating_enabled']) {
        $rating = @number_format($story->EditElements('rating'), 2);
        $votes = $story->EditElements('votes');
        $story_templates->set_var('rating', $rating);
        $story_templates->set_var('votes', $votes);
    }
    $story_templates->set_var('attribution_url', $story->EditElements('attribution_url'));
    $story_templates->set_var('attribution_name', $story->EditElements('attribution_name'));
    $story_templates->set_var('attribution_author', $story->EditElements('attribution_author'));
    $story_templates->set_var('lang_attribution_url', $LANG24[105]);
    $story_templates->set_var('lang_attribution_name', $LANG24[106]);
    $story_templates->set_var('lang_attribution_author', $LANG24[107]);
    $story_templates->set_var('lang_attribution', $LANG24[108]);
    $sec_token_name = CSRF_TOKEN;
    $sec_token = SEC_createToken();
    $story_templates->set_var('story_id', $story->getSid());
    $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $saveoption);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('lang_timeout', $LANG_ADMIN['timeout_msg']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $story_templates->set_var('gltoken', $sec_token);
    $story_templates->set_var('security_token', $sec_token);
    $story_templates->set_var('security_token_name', $sec_token_name);
    $story_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    PLG_templateSetVars('storyeditor', $story_templates);
    if ($story->EditElements('postmode') != 'html') {
        $story_templates->unset_var('wysiwyg');
    }
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    $story_templates->parse('output', 'editor');
    $display .= $story_templates->finish($story_templates->get_var('output'));
    return $display;
}
Beispiel #11
0
/**
* Shows any new information in a block
*
* Return the HTML that shows any new stories, comments, etc
*
* @param    string  $help     Help file for block
* @param    string  $title    Title used in block header
* @param    string  $position Position in which block is being rendered 'left', 'right' or blank (for centre)
* @return   string  Return the HTML that shows any new stories, comments, etc
*
*/
function COM_whatsNewBlock($help = '', $title = '', $position = '')
{
    global $_CONF, $_TABLES, $_USER, $_PLUGINS, $LANG01, $LANG_WHATSNEW, $page, $newstories;
    if (!isset($_CONF['whatsnew_cache_time'])) {
        $_CONF['whatsnew_cache_time'] = 3600;
    }
    $cacheInstance = 'whatsnew__' . CACHE_security_hash() . '__' . $_USER['theme'];
    $retval = CACHE_check_instance($cacheInstance, 0);
    if ($retval) {
        $lu = CACHE_get_instance_update($cacheInstance, 0);
        $now = time();
        if ($now - $lu < $_CONF['whatsnew_cache_time']) {
            return $retval;
        }
    }
    $T = new Template($_CONF['path_layout'] . 'blocks');
    $T->set_file('block', 'whatsnew.thtml');
    $items_found = 0;
    $header = COM_startBlock($title, $help, COM_getBlockTemplate('whats_new_block', 'header', $position), 'whats_new_block');
    $T->set_var('block_start', $header);
    $topicsql = '';
    if ($_CONF['hidenewstories'] == 0 || $_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $topicsql = COM_getTopicSql('AND', 0, $_TABLES['stories']);
    }
    if ($_CONF['hidenewstories'] == 0) {
        $archsql = '';
        $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
        if (!empty($archivetid)) {
            $archsql = " AND (tid <> '" . DB_escapeString($archivetid) . "')";
        }
        // Find the newest stories
        $sql = "SELECT * FROM {$_TABLES['stories']} WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND') . ' ORDER BY date DESC';
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name='whats_new_block'");
        }
        $T->set_block('block', 'section', 'sectionblock');
        if ($nrows > 0) {
            // Any late breaking news stories?
            $T->set_var('section_title', $LANG01[99]);
            $T->set_var('interval', COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']));
            $newstory = array();
            $T->set_block('block', 'datarow', 'datablock');
            while ($A = DB_fetchArray($result)) {
                $title = COM_undoSpecialChars($A['title']);
                $title = str_replace('&nbsp;', ' ', $title);
                $titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                $attr = array('title' => htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
                $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
                $storyitem = COM_createLink($titletouse, $url, $attr);
                $newstory[] = $storyitem;
                $T->set_var('data_item', $storyitem);
                $T->parse('datablock', 'datarow', true);
                $items_found++;
            }
            $T->parse('sectionblock', 'section', true);
        }
    }
    $T->unset_var('datablock');
    if ($_CONF['hidenewcomments'] == 0) {
        // Go get the newest comments
        $commentHeader = 0;
        $newcomments = array();
        $commentrow = array();
        // get story whats new
        $stwhere = '';
        if (!COM_isAnonUser()) {
            $stwhere .= "({$_TABLES['stories']}.owner_id IS NOT NULL AND {$_TABLES['stories']}.perm_owner IS NOT NULL) OR ";
            $stwhere .= "({$_TABLES['stories']}.group_id IS NOT NULL AND {$_TABLES['stories']}.perm_group IS NOT NULL) OR ";
            $stwhere .= "({$_TABLES['stories']}.perm_members IS NOT NULL)";
        } else {
            $stwhere .= "({$_TABLES['stories']}.perm_anon IS NOT NULL)";
        }
        $sql = "SELECT DISTINCT COUNT(*) AS dups, type, {$_TABLES['stories']}.title, {$_TABLES['stories']}.sid, UNIX_TIMESTAMP(max({$_TABLES['comments']}.date)) AS lastdate FROM {$_TABLES['comments']} LEFT JOIN {$_TABLES['stories']} ON (({$_TABLES['stories']}.sid = {$_TABLES['comments']}.sid)" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.commentcode >= 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . ") WHERE ({$_TABLES['comments']}.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newcommentsinterval']} SECOND))) AND ((({$stwhere}))) GROUP BY {$_TABLES['comments']}.sid,type, {$_TABLES['stories']}.title, {$_TABLES['stories']}.title, {$_TABLES['stories']}.sid ORDER BY 5 DESC LIMIT 15";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $T->set_var('section_title', $LANG01[83]);
            $T->set_var('interval', COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']));
            $commentHeader = 1;
            for ($x = 0; $x < $nrows; $x++) {
                $A = DB_fetchArray($result);
                $A['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#comments';
                $commentrow[] = $A;
            }
        }
        $pluginComments = PLG_getWhatsNewComment();
        $commentrow = array_merge($pluginComments, $commentrow);
        usort($commentrow, '_commentsort');
        $nrows = count($commentrow);
        if ($nrows > 0) {
            if ($commentHeader == 0) {
                $commentHeader = 1;
                $T->set_var('section_title', $LANG01[83]);
                $T->set_var('interval', COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']));
            }
            $newcomments = array();
            for ($x = 0; $x < $nrows; $x++) {
                $titletouse = '';
                $url = $commentrow[$x]['url'];
                $title = COM_undoSpecialChars($commentrow[$x]['title']);
                $title = str_replace('&nbsp;', ' ', $title);
                $titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                $attr = array('title' => htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
                if ($commentrow[$x]['dups'] > 1) {
                    $titletouse .= ' [+' . $commentrow[$x]['dups'] . ']';
                }
                $newcomments[] = COM_createLink($titletouse, $url, $attr);
            }
            $T->set_block('block', 'datarow', 'datablock');
            foreach ($newcomments as $comment) {
                $T->set_var('data_item', $comment);
                $T->parse('datablock', 'datarow', true);
                $items_found++;
            }
            $T->parse('sectionblock', 'section', true);
        }
    }
    $T->unset_var('datablock');
    if ($_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $sql = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $T->set_var('section_title', $LANG01[114]);
            $T->set_var('interval', COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newtrackbackinterval']));
            $newcomments = array();
            $T->set_block('block', 'datarow', 'datablock');
            for ($i = 0; $i < $nrows; $i++) {
                $titletouse = '';
                $A = DB_fetchArray($result);
                $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#trackback';
                $title = COM_undoSpecialChars($A['title']);
                $title = str_replace('&nbsp;', ' ', $title);
                $titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                $attr = array('title' => htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
                if ($A['count'] > 1) {
                    $titletouse .= ' [+' . $A['count'] . ']';
                }
                $trackback = COM_createLink($titletouse, $url, $attr);
                $newcomments[] = $trackback;
                $T->set_var('data_item', $trackback);
                $T->parse('datablock', 'datarow', true);
                $items_found++;
            }
            $T->parse('sectionblock', 'section', true);
        }
    }
    $T->unset_var('datablock');
    if ($_CONF['hidenewplugins'] == 0) {
        list($headlines, $smallheadlines, $content) = PLG_getWhatsNew();
        $plugins = count($headlines);
        if ($plugins > 0) {
            for ($i = 0; $i < $plugins; $i++) {
                $T->set_var('section_title', $headlines[$i]);
                $T->set_var('interval', $smallheadlines[$i]);
                $T->set_block('block', 'datarow', 'datablock');
                if (is_array($content[$i])) {
                    foreach ($content[$i] as $item) {
                        $T->set_var('data_item', $item);
                        $T->parse('datablock', 'datarow', true);
                        $items_found++;
                    }
                } else {
                    $T->set_var('data_item', $content[$i]);
                    $T->parse('datablock', 'datarow', true);
                    $items_found++;
                }
                $T->parse('sectionblock', 'section', true);
                $T->unset_var('datablock');
                $T->unset_var('interval');
                $T->unset_var('section_title');
            }
        }
    }
    if ($items_found == 0) {
        $T->set_var('no_items_found', $LANG01['no_new_items']);
    } else {
        $T->set_var('no_items_found', '');
    }
    $T->set_var('block_end', COM_endBlock(COM_getBlockTemplate('whats_new_block', 'footer', $position)));
    $T->parse('output', 'block');
    $final = $T->finish($T->get_var('output'));
    CACHE_create_instance($cacheInstance, $final, 0);
    return $final;
}
Beispiel #12
0
 /**
  * Returns an array of (
  *   'id'        => $id (string),
  *   'title'     => $title (string),
  *   'uri'       => $uri (string),
  *   'date'      => $date (int: Unix timestamp),
  *   'image_uri' => $image_uri (string)
  * )
  */
 public function getItemsByDate($tid = '', $all_langs = FALSE)
 {
     global $_CONF, $_TABLES;
     $retval = array();
     if (empty(Dataproxy::$startDate) or empty(Dataproxy::$endDate)) {
         return $retval;
     }
     // Collects sids
     $sql = "SELECT id " . "  FROM {$_TABLES['topic_assignments']} " . "WHERE (type= 'article') AND (tdefault = 1) ";
     if (!empty($tid)) {
         $sql .= "  AND (tid = '" . addslashes($tid) . "') ";
     }
     if (!Dataproxy::isRoot()) {
         $sql .= COM_getTopicSql('AND', Dataproxy::uid());
     }
     $result = DB_query($sql);
     if (DB_error()) {
         return $retval;
     } else {
         $sids = array();
         while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
             $sids[] = addslashes($A['id']);
         }
         if (count($sids) === 0) {
             return $retval;
         }
     }
     $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day " . "  FROM {$_TABLES['stories']} " . "WHERE (draft_flag = 0) AND (date <= NOW()) " . "  AND (UNIX_TIMESTAMP(date) BETWEEN '" . Dataproxy::$startDate . "' AND '" . Dataproxy::$endDate . "') " . "  AND (sid IN ('" . implode("', '", $sids) . "')) ";
     if (!Dataproxy::isRoot()) {
         $sql .= COM_getPermSql('AND', Dataproxy::uid());
         if ($all_langs === FALSE) {
             $sql .= COM_getLangSQL('sid', 'AND');
         }
     }
     $sql .= " ORDER BY date DESC ";
     $result = DB_query($sql);
     if (DB_error()) {
         return $retval;
     }
     while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
         $entry = array();
         $entry['id'] = stripslashes($A['sid']);
         $entry['title'] = stripslashes($A['title']);
         $entry['uri'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . stripslashes($A['sid']));
         $entry['date'] = $A['day'];
         $entry['imageurl'] = FALSE;
         $retval[] = $entry;
     }
     return $retval;
 }
Beispiel #13
0
/**
* Display main view (list of years)
*
* Displays an overview of all the years and months, starting with the first
* year for which a story has been posted. Can optionally display a list of
* the stories for the current month at the top of the page.
*
* @param    string  $topic                  current topic
* @param    boolean $list_current_month     true = list stories f. current month
* @return   string                          list of all the years in the db
*
*/
function DIR_displayAll($topic, $list_current_month = false)
{
    global $_TABLES, $LANG_DIR;
    $retval = '';
    if ($list_current_month) {
        $currentyear = date('Y', time());
        $currentmonth = date('n', time());
        $retval .= DIR_displayMonth($topic, $currentyear, $currentmonth);
        $retval .= '<hr' . XHTML . '>' . LB;
    }
    $retval .= '<div><h1 style="display:inline">' . $LANG_DIR['title'] . '</h1> ' . DIR_topicList($topic) . '</div>' . LB;
    $yearsql = array();
    $yearsql['mysql'] = "SELECT DISTINCT YEAR(date) AS year,date FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW())" . COM_getTopicSql('AND') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $yearsql['mssql'] = "SELECT YEAR(date) AS year FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW())" . COM_getTopicSql('AND') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $yearsql['pgsql'] = "SELECT EXTRACT( YEAR from date) AS year FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW())" . COM_getTopicSql('AND') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $ysql = array();
    $ysql['mysql'] = $yearsql['mysql'] . " GROUP BY YEAR(date) ORDER BY date DESC";
    $ysql['mssql'] = $yearsql['mssql'] . " GROUP BY YEAR(date) ORDER BY YEAR(date) DESC";
    $ysql['pgsql'] = $yearsql['pgsql'] . " GROUP BY year,date ORDER BY year DESC";
    $yresult = DB_query($ysql);
    $numyears = DB_numRows($yresult);
    for ($i = 0; $i < $numyears; $i++) {
        $Y = DB_fetchArray($yresult);
        $retval .= DIR_displayYear($topic, $Y['year']);
    }
    return $retval;
}
Beispiel #14
0
/**
* Return information for a story
*
* This is the story equivalent of PLG_getItemInfo. See lib-plugins.php for
* details.
*
* @param    string  $sid        story ID or '*'
* @param    string  $what       comma-separated list of story properties
* @param    int     $uid        user ID or 0 = current user
* @return   mixed               string or array of strings with the information
*
*/
function STORY_getItemInfo($sid, $what, $uid = 0, $options = array())
{
    global $_CONF, $_TABLES, $LANG09;
    $properties = explode(',', $what);
    $fields = array();
    foreach ($properties as $p) {
        switch ($p) {
            case 'date-created':
                $fields[] = 'UNIX_TIMESTAMP(date) AS unixdate';
                break;
            case 'description':
            case 'raw-description':
                $fields[] = 'introtext';
                $fields[] = 'bodytext';
                break;
            case 'excerpt':
                $fields[] = 'introtext';
                break;
            case 'feed':
                $fields[] = 'tid';
                break;
            case 'id':
                $fields[] = 'sid';
                break;
            case 'title':
                $fields[] = 'title';
                break;
            case 'url':
            case 'label':
                $fields[] = 'sid';
                break;
            case 'status':
                $fields[] = 'draft_flag';
                break;
            case 'author':
                $fields[] = 'uid';
                break;
            default:
                break;
        }
    }
    $fields = array_unique($fields);
    if (count($fields) == 0) {
        $retval = array();
        return $retval;
    }
    if ($sid == '*') {
        $where = ' WHERE';
    } else {
        $where = " WHERE (sid = '" . DB_escapeString($sid) . "') AND";
    }
    $where .= ' (date <= NOW())';
    if ($uid > 0) {
        $permSql = COM_getPermSql('AND', $uid) . COM_getTopicSql('AND', $uid);
    } else {
        $permSql = COM_getPermSql('AND') . COM_getTopicSql('AND');
    }
    $sql = "SELECT " . implode(',', $fields) . " FROM {$_TABLES['stories']}" . $where . $permSql;
    if ($sid != '*') {
        $sql .= ' LIMIT 1';
    }
    $result = DB_query($sql);
    $numRows = DB_numRows($result);
    $retval = array();
    for ($i = 0; $i < $numRows; $i++) {
        $A = DB_fetchArray($result);
        $props = array();
        foreach ($properties as $p) {
            switch ($p) {
                case 'date-created':
                    $props['date-created'] = $A['unixdate'];
                    break;
                case 'description':
                    $props['description'] = trim(PLG_replaceTags($A['introtext'] . ' ' . $A['bodytext'], 'glfusion', 'story'));
                    break;
                case 'raw-description':
                    $props['raw-description'] = trim($A['introtext'] . ' ' . $A['bodytext']);
                    break;
                case 'excerpt':
                    $excerpt = $A['introtext'];
                    $props['excerpt'] = trim(PLG_replaceTags($excerpt, 'glfusion', 'story'));
                    break;
                case 'feed':
                    $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::all'");
                    if (empty($feedfile)) {
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::frontpage'");
                    }
                    if (empty($feedfile)) {
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '{$A['tid']}'");
                    }
                    if (empty($feedfile)) {
                        $props['feed'] = '';
                    } else {
                        $props['feed'] = SYND_getFeedUrl($feedfile);
                    }
                    break;
                case 'id':
                    $props['id'] = $A['sid'];
                    break;
                case 'title':
                    $props['title'] = $A['title'];
                    break;
                case 'url':
                    if (empty($A['sid'])) {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
                    } else {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
                    }
                    break;
                case 'label':
                    $props['label'] = $LANG09[65];
                    break;
                case 'status':
                    if ($A['draft_flag'] == 0) {
                        $props['status'] = 1;
                    } else {
                        $props['status'] = 0;
                    }
                    break;
                case 'author':
                    $props['author'] = $A['uid'];
                    break;
                default:
                    $props[$p] = '';
                    break;
            }
        }
        $mapped = array();
        foreach ($props as $key => $value) {
            if ($sid == '*') {
                if ($value != '') {
                    $mapped[$key] = $value;
                }
            } else {
                $mapped[$key] = $value;
            }
        }
        if ($sid == '*') {
            $retval[] = $mapped;
        } else {
            $retval = $mapped;
            break;
        }
    }
    if ($sid != '*' && count($retval) == 1) {
        $tRet = array_values($retval);
        $retval = $tRet[0];
    }
    return $retval;
}
Beispiel #15
0
/**
* Shows any new information in a block
*
* Return the HTML that shows any new stories, comments, etc
*
* @param    string  $help     Help file for block
* @param    string  $title    Title used in block header
* @param    string  $position Position in which block is being rendered 'left', 'right' or blank (for centre)
* @return   string  Return the HTML that shows any new stories, comments, etc
*
*/
function COM_whatsNewBlock($help = '', $title = '', $position = '')
{
    global $_CONF, $_TABLES, $LANG01, $LANG_WHATSNEW, $page, $newstories;
    $retval = COM_startBlock($title, $help, COM_getBlockTemplate('whats_new_block', 'header', $position));
    $topicsql = '';
    if ($_CONF['hidenewstories'] == 0 || $_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $topicsql = COM_getTopicSql('AND', 0, $_TABLES['stories']);
    }
    if ($_CONF['hidenewstories'] == 0) {
        $archsql = '';
        $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
        if (!empty($archivetid)) {
            $archsql = " AND (tid <> '" . addslashes($archivetid) . "')";
        }
        // Find the newest stories
        $sql['mssql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
        $sql['mysql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
        $sql['pgsql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (date >= (NOW() - INTERVAL '{$_CONF['newstoriesinterval']} SECOND')) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        $nrows = $A['count'];
        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name='whats_new_block'");
        }
        // Any late breaking news stories?
        $retval .= '<h3>' . $LANG01[99] . '</h3>';
        if ($nrows > 0) {
            $newmsg = COM_formatTimeString($LANG_WHATSNEW['new_string'], $_CONF['newstoriesinterval'], $LANG01[11], $nrows);
            if ($newstories && $page < 2) {
                $retval .= $newmsg . '<br' . XHTML . '>';
            } else {
                $retval .= COM_createLink($newmsg, $_CONF['site_url'] . '/index.php?display=new') . '<br' . XHTML . '>';
            }
        } else {
            $retval .= $LANG01[100] . '<br' . XHTML . '>';
        }
        if ($_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0 || $_CONF['hidenewplugins'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }
    if ($_CONF['hidenewcomments'] == 0) {
        // Go get the newest comments
        $retval .= '<h3>' . $LANG01[83] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']) . '</small></h3>';
        $new_plugin_comments = array();
        $new_plugin_comments = PLG_getWhatsNewComment();
        if (!empty($new_plugin_comments)) {
            // Sort array by element lastdate newest to oldest
            foreach ($new_plugin_comments as $k => $v) {
                $b[$k] = strtolower($v['lastdate']);
            }
            arsort($b);
            foreach ($b as $key => $val) {
                $temp[] = $new_plugin_comments[$key];
            }
            $new_plugin_comments = $temp;
            $newcomments = array();
            $count = 0;
            foreach ($new_plugin_comments as $A) {
                $count .= +1;
                $url = '';
                $info = PLG_getItemInfo($A['type'], $A['sid'], 'url');
                if (!empty($info)) {
                    $url = $info . '#comments';
                }
                // Check to see if url (plugin may not support PLG_getItemInfo
                if (!empty($url)) {
                    $title = COM_undoSpecialChars(stripslashes($A['title']));
                    $titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                    if ($title != $titletouse) {
                        $attr = array('title' => htmlspecialchars($title));
                    } else {
                        $attr = array();
                    }
                    $acomment = str_replace('$', '&#36;', $titletouse);
                    $acomment = str_replace(' ', '&nbsp;', $acomment);
                    if ($A['dups'] > 1) {
                        $acomment .= ' [+' . $A['dups'] . ']';
                    }
                    $newcomments[] = COM_createLink($acomment, $url, $attr);
                    if ($count == 15) {
                        break;
                    }
                }
            }
            $retval .= COM_makeList($newcomments, 'list-new-comments');
        } else {
            $retval .= $LANG01[86] . '<br' . XHTML . '>' . LB;
        }
        if ($_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }
    if ($_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $retval .= '<h3>' . $LANG01[114] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newtrackbackinterval']) . '</small></h3>';
        $sql['mssql'] = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
        $sql['mysql'] = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
        $sql['pgsql'] = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (NOW()+ INTERVAL '{$_CONF['newtrackbackinterval']} SECOND'))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $newcomments = array();
            for ($i = 0; $i < $nrows; $i++) {
                $A = DB_fetchArray($result);
                $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#trackback';
                $title = COM_undoSpecialChars(stripslashes($A['title']));
                $titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                if ($title != $titletouse) {
                    $attr = array('title' => htmlspecialchars($title));
                } else {
                    $attr = array();
                }
                $acomment = str_replace('$', '&#36;', $titletouse);
                $acomment = str_replace(' ', '&nbsp;', $acomment);
                if ($A['count'] > 1) {
                    $acomment .= ' [+' . $A['count'] . ']';
                }
                $newcomments[] = COM_createLink($acomment, $url, $attr);
            }
            $retval .= COM_makeList($newcomments, 'list-new-trackbacks');
        } else {
            $retval .= $LANG01[115] . '<br' . XHTML . '>' . LB;
        }
        if ($_CONF['hidenewplugins'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }
    if ($_CONF['hidenewplugins'] == 0) {
        list($headlines, $smallheadlines, $content) = PLG_getWhatsNew();
        $plugins = count($headlines);
        if ($plugins > 0) {
            for ($i = 0; $i < $plugins; $i++) {
                $retval .= '<h3>' . $headlines[$i] . ' <small>' . $smallheadlines[$i] . '</small></h3>';
                if (is_array($content[$i])) {
                    $retval .= COM_makeList($content[$i], 'list-new-plugins');
                } else {
                    $retval .= $content[$i];
                }
                if ($i + 1 < $plugins) {
                    $retval .= '<br' . XHTML . '>';
                }
            }
        }
    }
    $retval .= COM_endBlock(COM_getBlockTemplate('whats_new_block', 'footer', $position));
    return $retval;
}
Beispiel #16
0
    }
}
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));
if (empty($id)) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
    exit;
}
if (empty($type)) {
    $type = 'article';
}
if ($type == 'article') {
    // check if they have access to this story
    $sid = DB_escapeString($id);
    $sql = "SELECT trackbackcode FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n            WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', 0, 'ta');
    $result = DB_query($sql);
    if (DB_numRows($result) == 1) {
        $A = DB_fetchArray($result);
        if ($A['trackbackcode'] == 0) {
            TRB_handleTrackbackPing($id, $type);
        } else {
            TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
        }
    } else {
        TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
    }
} else {
    if (PLG_handlePingComment($type, $id, 'acceptByID') === true) {
        TRB_handleTrackbackPing($id, $type);
    } else {
Beispiel #17
0
/**
 * Return information for a story
 * This is the story equivalent of PLG_getItemInfo. See lib-plugins.php for
 * details.
 *
 * @param    string $sid     story ID or '*'
 * @param    string $what    comma-separated list of story properties
 * @param    int    $uid     user ID or 0 = current user
 * @param    array  $options (reserved for future extensions)
 * @return   mixed               string or array of strings with the information
 */
function plugin_getiteminfo_story($sid, $what, $uid = 0, $options = array())
{
    global $_CONF, $_TABLES;
    // parse $what to see what we need to pull from the database
    $properties = explode(',', $what);
    $fields = array();
    foreach ($properties as $p) {
        switch ($p) {
            case 'date-created':
                $fields[] = 'UNIX_TIMESTAMP(date) AS unixdate';
                break;
            case 'date-modified':
                $fields[] = 'UNIX_TIMESTAMP(date) AS unixdate';
                break;
            case 'description':
                $fields[] = 'introtext';
                $fields[] = 'bodytext';
                break;
            case 'excerpt':
                $fields[] = 'introtext';
                break;
            case 'feed':
                $fields[] = 'ta.tid';
                break;
            case 'id':
                $fields[] = 'sid';
                break;
            case 'title':
                $fields[] = 'title';
                break;
            case 'url':
                // needed for $sid == '*', but also in case we're only requesting
                // the URL (so that $fields isn't emtpy)
                $fields[] = 'sid';
                break;
            default:
                // nothing to do
                break;
        }
    }
    $fields = array_unique($fields);
    if (count($fields) == 0) {
        $retval = array();
        return $retval;
    }
    // prepare SQL request
    if ($sid == '*') {
        $where = ' WHERE';
    } else {
        $where = " WHERE (sid = '" . DB_escapeString($sid) . "') AND";
    }
    $where .= ' (draft_flag = 0) AND (date <= NOW())';
    if ($uid > 0) {
        $permSql = COM_getPermSql('AND', $uid) . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', $uid, 'ta');
    } else {
        $permSql = COM_getPermSql('AND') . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', 0, 'ta');
    }
    $sql = "SELECT " . implode(',', $fields) . " FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta" . $where . $permSql;
    if ($sid != '*') {
        $sql .= ' LIMIT 1';
    }
    $result = DB_query($sql);
    $numRows = DB_numRows($result);
    $retval = array();
    for ($i = 0; $i < $numRows; $i++) {
        $A = DB_fetchArray($result);
        $props = array();
        foreach ($properties as $p) {
            switch ($p) {
                case 'date-created':
                    $props['date-created'] = $A['unixdate'];
                    break;
                case 'date-modified':
                    $props['date-modified'] = $A['unixdate'];
                    break;
                case 'description':
                    $props['description'] = trim(PLG_replaceTags(stripslashes($A['introtext']) . ' ' . stripslashes($A['bodytext'])));
                    break;
                case 'excerpt':
                    $excerpt = stripslashes($A['introtext']);
                    if (!empty($A['bodytext'])) {
                        $excerpt .= "\n\n" . stripslashes($A['bodytext']);
                    }
                    $props['excerpt'] = trim(PLG_replaceTags($excerpt));
                    break;
                case 'feed':
                    $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::all'");
                    if (empty($feedfile)) {
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::frontpage'");
                    }
                    if (empty($feedfile)) {
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '{$A['tid']}'");
                    }
                    if (empty($feedfile)) {
                        $props['feed'] = '';
                    } else {
                        $props['feed'] = SYND_getFeedUrl($feedfile);
                    }
                    break;
                case 'id':
                    $props['id'] = $A['sid'];
                    break;
                case 'title':
                    $props['title'] = stripslashes($A['title']);
                    break;
                case 'url':
                    if (empty($A['sid'])) {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
                    } else {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
                    }
                    break;
                default:
                    // return empty string for unknown properties
                    $props[$p] = '';
                    break;
            }
        }
        $mapped = array();
        foreach ($props as $key => $value) {
            if ($sid == '*') {
                if ($value != '') {
                    $mapped[$key] = $value;
                }
            } else {
                $mapped[] = $value;
            }
        }
        if ($sid == '*') {
            $retval[] = $mapped;
        } else {
            $retval = $mapped;
            break;
        }
    }
    if ($sid != '*' && count($retval) == 1) {
        $retval = $retval[0];
    }
    return $retval;
}
Beispiel #18
0
    // if we keep track of the last login date, count the number of users
    // that have logged in during the last 4 weeks
    $sql = array();
    $sql['pgsql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['users']} AS u,{$_TABLES['userinfo']} AS i WHERE (u.uid > 1) AND (u.uid = i.uid) AND (lastlogin <> '') AND (lastlogin::int4 >= date_part('epoch', INTERVAL '28 DAY'))";
    $sql['mysql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['users']} AS u,{$_TABLES['userinfo']} AS i WHERE (u.uid > 1) AND (u.uid = i.uid) AND (lastlogin <> '') AND (lastlogin >= UNIX_TIMESTAMP(DATE_SUB(NOW(), INTERVAL 28 DAY)))";
    $result = DB_query($sql);
    list($active_users) = DB_fetchArray($result);
} else {
    // otherwise, just count all users with status 'active'
    // (i.e. those that logged in at least once and have not been banned since)
    $active_users = DB_count($_TABLES['users'], 'status', 3);
    $active_users--;
    // don't count the anonymous user account
}
$data_arr[] = array('title' => $LANG10[27], 'stats' => COM_NumberFormat($active_users));
$topicsql = COM_getTopicSql('AND', 0, 'ta');
$id = array('draft_flag', 'date');
$values = array('0', 'NOW()');
$sql = "SELECT COUNT(DISTINCT sid) AS count, SUM(comments) AS ccount\n    FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n    WHERE ta.type = 'article' AND ta.id = sid\n    AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND') . $topicsql;
$result = DB_query($sql);
$A = DB_fetchArray($result);
if (empty($A['ccount'])) {
    $A['ccount'] = 0;
}
$data_arr[] = array('title' => $LANG10[3], 'stats' => COM_NumberFormat($A['count']) . " (" . COM_NumberFormat($A['ccount']) . ")");
// new stats plugin API call
$plg_stats = PLG_getPluginStats(3);
if (count($plg_stats) > 0) {
    foreach ($plg_stats as $pstats) {
        if (is_array($pstats[0])) {
            foreach ($pstats as $pmstats) {
Beispiel #19
0
/**
* Shows story editor
*
* Displays the story entry form
*
* @param    string      $sid            ID of story to edit
* @param    string      $mode           'preview', 'edit', 'editsubmission', 'clone'
* @param    string      $errormsg       a message to display on top of the page
* @param    string      $currenttopic   topic selection for drop-down menu
* @return   string      HTML for story editor
*
*/
function storyeditor($sid = '', $mode = '', $errormsg = '', $currenttopic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;
    $display = '';
    if (!isset($_CONF['hour_mode'])) {
        $_CONF['hour_mode'] = 12;
    }
    if (!empty($errormsg)) {
        $display .= COM_showMessageText($errormsg, $LANG24[25]);
    }
    if (!empty($currenttopic)) {
        $allowed = DB_getItem($_TABLES['topics'], 'tid', "tid = '" . addslashes($currenttopic) . "'" . COM_getTopicSql('AND'));
        if ($allowed != $currenttopic) {
            $currenttopic = '';
        }
    }
    $story = new Story();
    if ($mode == 'preview') {
        // Handle Magic GPC Garbage:
        while (list($key, $value) = each($_POST)) {
            if (!is_array($value)) {
                $_POST[$key] = COM_stripslashes($value);
            } else {
                while (list($subkey, $subvalue) = each($value)) {
                    $value[$subkey] = COM_stripslashes($subvalue);
                }
            }
        }
        $result = $story->loadFromArgsArray($_POST);
        // in preview mode, we now need to re-insert the images
        if ($_CONF['maximagesperarticle'] > 0) {
            $errors = $story->insertImages();
            if (count($errors) > 0) {
                $msg = $LANG24[55] . LB . '<ul>' . LB;
                foreach ($errors as $err) {
                    $msg .= '<li>' . $err . '</li>' . LB;
                }
                $msg .= '</ul>' . LB;
                $display .= COM_showMessageText($msg, $LANG24[54]);
            }
        }
    } else {
        $result = $story->loadFromDatabase($sid, $mode);
    }
    if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied']);
        COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}.");
        return $display;
    } elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
        $display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied']);
        $display .= STORY_renderArticle($story, 'p');
        COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}.");
        return $display;
    } elseif ($result == STORY_INVALID_SID) {
        if ($mode == 'editsubmission') {
            // that submission doesn't seem to be there any more (may have been
            // handled by another Admin) - take us back to the moderation page
            return COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            return COM_refresh($_CONF['site_admin_url'] . '/story.php');
        }
    } elseif ($result == STORY_DUPLICATE_SID) {
        $display .= COM_showMessageText($LANG24[24]);
    }
    // Load HTML templates
    $story_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/story');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $story_templates->set_file(array('editor' => 'storyeditor_advanced.thtml'));
        $advanced_editormode = true;
        $story_templates->set_var('change_editormode', 'onchange="change_editmode(this);"');
        require_once $_CONF['path_system'] . 'classes/navbar.class.php';
        $story_templates->set_var('show_preview', 'none');
        $story_templates->set_var('lang_expandhelp', $LANG24[67]);
        $story_templates->set_var('lang_reducehelp', $LANG24[68]);
        $story_templates->set_var('lang_publishdate', $LANG24[69]);
        $story_templates->set_var('lang_toolbar', $LANG24[70]);
        $story_templates->set_var('toolbar1', $LANG24[71]);
        $story_templates->set_var('toolbar2', $LANG24[72]);
        $story_templates->set_var('toolbar3', $LANG24[73]);
        $story_templates->set_var('toolbar4', $LANG24[74]);
        $story_templates->set_var('toolbar5', $LANG24[75]);
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_htmleditor', '');
        } else {
            $story_templates->set_var('show_texteditor', '');
            $story_templates->set_var('show_htmleditor', 'none');
        }
    } else {
        $story_templates->set_file(array('editor' => 'storyeditor.thtml'));
        $advanced_editormode = false;
    }
    $story_templates->set_var('hour_mode', $_CONF['hour_mode']);
    if ($story->hasContent()) {
        $previewContent = STORY_renderArticle($story, 'p');
        if ($advanced_editormode and $previewContent != '') {
            $story_templates->set_var('preview_content', $previewContent);
        } elseif ($previewContent != '') {
            $display .= COM_startBlock($LANG24[26], '', COM_getBlockTemplate('_admin_block', 'header'));
            $display .= $previewContent;
            $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
        }
    }
    if ($advanced_editormode) {
        $navbar = new navbar();
        if (!empty($previewContent)) {
            $navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
        } else {
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
        }
        if ($mode == 'preview') {
            $story_templates->set_var('show_preview', '');
            $story_templates->set_var('show_htmleditor', 'none');
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_submitoptions', 'none');
            $navbar->set_selected($LANG24[79]);
        } else {
            $navbar->set_selected($LANG24[80]);
        }
        $story_templates->set_var('navbar', $navbar->generate());
    }
    $oldsid = $story->EditElements('originalSid');
    if (!empty($oldsid) && $mode != 'clone') {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }
    if ($mode == 'editsubmission' || $story->type == 'submission') {
        $story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
    }
    $story_templates->set_var('lang_author', $LANG24[7]);
    $storyauthor = COM_getDisplayName($story->EditElements('uid'));
    $story_templates->set_var('story_author', $storyauthor);
    $story_templates->set_var('author', $storyauthor);
    $story_templates->set_var('story_uid', $story->EditElements('uid'));
    // user access info
    $story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($story->EditElements('owner_id'));
    $story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . $story->EditElements('owner_id')));
    $story_templates->set_var('owner_name', $ownername);
    $story_templates->set_var('owner', $ownername);
    $story_templates->set_var('owner_id', $story->EditElements('owner_id'));
    $story_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
    $story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
    $story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $story_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
    $story_templates->set_var('lang_date', $LANG24[15]);
    $story_templates->set_var('publish_second', $story->EditElements('publish_second'));
    $publish_ampm = '';
    $publish_hour = $story->EditElements('publish_hour');
    if ($publish_hour >= 12) {
        if ($publish_hour > 12) {
            $publish_hour = $publish_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
    $story_templates->set_var('publishampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
    $story_templates->set_var('publish_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
    $story_templates->set_var('publish_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
    $story_templates->set_var('publish_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($publish_hour);
    }
    $story_templates->set_var('publish_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
    $story_templates->set_var('publish_minute_options', $minute_options);
    $story_templates->set_var('publish_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
    $story_templates->set_var('expire_second', $story->EditElements('expire_second'));
    $expire_ampm = '';
    $expire_hour = $story->EditElements('expire_hour');
    if ($expire_hour >= 12) {
        if ($expire_hour > 12) {
            $expire_hour = $expire_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="expire_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('expireampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
    $story_templates->set_var('expire_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
    $story_templates->set_var('expire_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
    $story_templates->set_var('expire_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($expire_hour);
    }
    $story_templates->set_var('expire_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
    $story_templates->set_var('expire_minute_options', $minute_options);
    $story_templates->set_var('expire_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
    $atopic = DB_getItem($_TABLES['topics'], 'tid', "archive_flag = 1");
    $have_archive_topic = empty($atopic) ? false : true;
    if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked3', 'checked="checked"');
        $js_showarchivedisabled = 'false';
        $have_archive_topic = true;
        // force display of auto archive option
    } elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked4', 'checked="checked"');
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'false';
    } else {
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'true';
    }
    $story_templates->set_var('lang_archivetitle', $LANG24[58]);
    $story_templates->set_var('lang_option', $LANG24[59]);
    $story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $story_templates->set_var('lang_story_stats', $LANG24[87]);
    if ($have_archive_topic) {
        $story_templates->set_var('lang_optionarchive', $LANG24[61]);
    } else {
        $story_templates->set_var('lang_optionarchive', '');
    }
    $story_templates->set_var('lang_optiondelete', $LANG24[62]);
    $story_templates->set_var('lang_title', $LANG_ADMIN['title']);
    $story_templates->set_var('story_title', $story->EditElements('title'));
    $story_templates->set_var('lang_page_title', $LANG_ADMIN['page_title']);
    $story_templates->set_var('page_title', $story->EditElements('page_title'));
    $story_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $story_templates->set_var('meta_description', $story->EditElements('meta_description'));
    $story_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    $story_templates->set_var('meta_keywords', $story->EditElements('meta_keywords'));
    if ($_CONF['meta_tags'] > 0) {
        $story_templates->set_var('hide_meta', '');
    } else {
        $story_templates->set_var('hide_meta', ' style="display:none;"');
    }
    $story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    if (empty($currenttopic) && $story->EditElements('tid') == '') {
        $story->setTid(DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND')));
    } elseif ($story->EditElements('tid') == '') {
        $story->setTid($currenttopic);
    }
    $tlist = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true);
    if (empty($tlist)) {
        $display .= COM_showMessage(101);
        return $display;
    }
    $story_templates->set_var('topic_options', $tlist);
    $story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
    if ($story->EditElements('show_topic_icon') == 1) {
        $story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
    } else {
        $story_templates->set_var('show_topic_icon_checked', '');
    }
    $story_templates->set_var('lang_draft', $LANG24[34]);
    if ($story->EditElements('draft_flag')) {
        $story_templates->set_var('is_checked', 'checked="checked"');
    }
    $story_templates->set_var('lang_mode', $LANG24[3]);
    $story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
    $story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
    $story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
    // comment expire
    $story_templates->set_var('lang_cmt_disable', $LANG24[63]);
    if ($story->EditElements('cmt_close')) {
        $story_templates->set_var('is_checked5', 'checked="checked"');
        $js_showcmtclosedisabled = 'false';
    } else {
        $js_showcmtclosedisabled = 'true';
    }
    $month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
    $story_templates->set_var('cmt_close_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
    $story_templates->set_var('cmt_close_day_options', $day_options);
    // ensure that the year dropdown includes the close year
    $endtm = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y'));
    $yoffset = date('Y', $endtm) - date('Y');
    $close_year = $story->EditElements('cmt_close_year');
    if ($yoffset < -1) {
        $year_options = COM_getYearFormOptions($close_year, $yoffset);
    } elseif ($yoffset > 5) {
        $year_options = COM_getYearFormOptions($close_year, -1, $yoffset);
    } else {
        $year_options = COM_getYearFormOptions($close_year);
    }
    $story_templates->set_var('cmt_close_year_options', $year_options);
    $cmt_close_ampm = '';
    $cmt_close_hour = $story->EditElements('cmt_close_hour');
    //correct hour
    if ($cmt_close_hour >= 12) {
        if ($cmt_close_hour > 12) {
            $cmt_close_hour = $cmt_close_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="cmt_close_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    }
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"" . XHTML . ">";
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('noscript', COM_getNoScript(false, $LANG24[77], sprintf($LANG24[78], $_CONF['site_admin_url'], $sid)));
    $post_options = COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode'));
    // If Advanced Mode - add post option and set default if editing story created with Advanced Editor
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
    }
    if ($_CONF['wikitext_editor']) {
        if ($story->EditElements('postmode') == 'wikitext') {
            $post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
        } else {
            $post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
        }
    }
    $story_templates->set_var('post_options', $post_options);
    $story_templates->set_var('lang_allowed_html', COM_allowedHTML('story.edit'));
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br' . XHTML . '>';
            }
        }
        $fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
    }
    // *****************************************
    // Add JavaScript
    if (!$advanced_editormode) {
        $js = '<script type="text/javascript">
        //<![CDATA[
        function enablearchive(obj) {
            var f = obj.form;           // all elements have their parent form in "form"
            var disable = obj.checked;  // Disable when checked
            if (f.elements["archiveflag"].checked==true && f.elements["storycode11"].checked==false) {
                f.elements["storycode10"].checked=true;
            }
            f.elements["storycode10"].disabled=!disable;
            f.elements["storycode11"].disabled=!disable;
            f.elements["expire_month"].disabled=!disable;
            f.elements["expire_day"].disabled=!disable;
            f.elements["expire_year"].disabled=!disable;
            f.elements["expire_hour"].disabled=!disable;
            f.elements["expire_minute"].disabled=!disable;
            f.elements["expire_ampm"].disabled=!disable;
        }
            
            function enablecmtclose(obj) {
            var f = obj.form;           // all elements have their parent form in "form"
            var disable = obj.checked;  // Disable when checked
        
            f.elements["cmt_close_month"].disabled=!disable;
            f.elements["cmt_close_day"].disabled=!disable;
            f.elements["cmt_close_year"].disabled=!disable;
            f.elements["cmt_close_hour"].disabled=!disable;
            f.elements["cmt_close_minute"].disabled=!disable;
            f.elements["cmt_close_ampm"].disabled=!disable;
            
        }
        //]]>
        </script>' . LB;
    } else {
        $js = '<script type="text/javascript">
            // Setup editor path for FCKeditor JS Functions
            geeklogEditorBasePath = "' . $_CONF['site_url'] . '/fckeditor/";
        </script>' . LB;
        $js .= '<!-- Hide the Advanced Editor as Javascript is required. If JS is enabled then the JS below will un-hide it -->
        <script type="text/javascript">
            document.getElementById("advanced_editor").style.display=""
        </script>';
        $_SCRIPTS->setJavaScriptFile('advanced_editor', '/javascript/advanced_editor.js');
        $_SCRIPTS->setJavaScriptFile('storyeditor_fckeditor', '/javascript/storyeditor_fckeditor.js');
    }
    $js .= '<script type="text/javascript">
    <!-- This code will only be executed by a browser that supports Javascript -->
    var jstest = ' . $js_showarchivedisabled . ';
    var jstest2 = ' . $js_showcmtclosedisabled . ';
    if (jstest) {
        document.frmstory.expire_month.disabled=true;
        document.frmstory.expire_day.disabled=true;
        document.frmstory.expire_year.disabled=true;
        document.frmstory.expire_hour.disabled=true;
        document.frmstory.expire_minute.disabled=true;
        document.frmstory.expire_ampm.disabled=true;
        document.frmstory.storycode10.disabled=true;
        document.frmstory.storycode11.disabled=true;
    }
    if (jstest2) {
        document.frmstory.cmt_close_month.disabled=true;
        document.frmstory.cmt_close_day.disabled=true;
        document.frmstory.cmt_close_year.disabled=true;
        document.frmstory.cmt_close_hour.disabled=true;
        document.frmstory.cmt_close_minute.disabled=true;
        document.frmstory.cmt_close_ampm.disabled=true;
    }
    </script>';
    $_SCRIPTS->setJavaScript($js);
    // *****************************************
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($mode == 'clone') {
        $story_templates->set_var('story_id', COM_makesid());
    } else {
        $story_templates->set_var('story_id', $story->getSid());
        $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    }
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $token = SEC_createToken();
    $story_templates->set_var('gltoken', $token);
    $story_templates->parse('output', 'editor');
    $display .= COM_startBlock($LANG24[5], '', COM_getBlockTemplate('_admin_block', 'header'));
    $display .= SEC_getTokenExpiryNotice($token, $LANG24[91]);
    $display .= $story_templates->finish($story_templates->get_var('output'));
    $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $display;
}
Beispiel #20
0
 /**
  * Sets up basic data for a new user submission story
  *
  * @param   string   Topic the user picked before heading to submission
  */
 function initSubmission($topic)
 {
     global $_USER, $_CONF, $_TABLES;
     if (COM_isAnonUser()) {
         $this->_uid = 1;
     } else {
         $this->_uid = $_USER['uid'];
     }
     $this->_postmode = $_CONF['postmode'];
     // If a topic has been specified, use it, if permitted
     // otherwise, fall back to the default permitted topic.
     // if we still don't have one...
     // Have we specified a permitted topic?
     if (!empty($topic)) {
         $allowed = DB_getItem($_TABLES['topics'], 'tid', "tid = '" . addslashes($topic) . "'" . COM_getTopicSql('AND'));
         if ($allowed != $topic) {
             $topic = '';
         }
     }
     // Do we now not have a topic?
     if (empty($topic)) {
         // Get default permitted:
         $topic = DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND'));
     }
     // Use what we have:
     $this->_tid = $topic;
     $this->_date = time();
 }
Beispiel #21
0
/**
 * Extract story ID (sid) from the URL
 * Accepts rewritten and old-style URLs. Also checks permissions.
 *
 * @param    string $url targetURI, a URL on our site
 * @return   string          story ID or empty string for error
 */
function PNB_getSid($url)
{
    global $_CONF, $_TABLES;
    $retval = '';
    $sid = '';
    $params = substr($url, strlen($_CONF['site_url'] . '/article.php'));
    if (substr($params, 0, 1) === '?') {
        // old-style URL
        $pos = strpos($params, 'story=');
        if ($pos !== false) {
            $part = substr($params, $pos + strlen('story='));
            $parts = explode('&', $part);
            $sid = $parts[0];
        }
    } elseif (substr($params, 0, 1) == '/') {
        // rewritten URL
        $parts = explode('/', substr($params, 1));
        $sid = $parts[0];
    }
    if (!empty($sid)) {
        $parts = explode('#', $sid);
        $sid = $parts[0];
    }
    // okay, so we have a SID - but are they allowed to access the story?
    if (!empty($sid)) {
        $testsid = DB_escapeString($sid);
        $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND sid = '{$testsid}'" . COM_getPermSql('AND') . COM_getTopicSql('AND', 0, ta));
        if (DB_numRows($result) == 1) {
            $A = DB_fetchArray($result);
            if ($A['trackbackcode'] == 0) {
                $retval = $sid;
            }
        }
    }
    return $retval;
}
Beispiel #22
0
/**
* Display main view (list of years)
*
* Displays an overview of all the years and months, starting with the first
* year for which a story has been posted. Can optionally display a list of
* the stories for the current month at the top of the page.
*
* @param    ref    &$template  reference of the template
* @param    string  $dir_topic current topic
* @return   string             list of all the years in the db
*
*/
function DIR_displayAll(&$template, $dir_topic)
{
    global $_TABLES, $LANG_DIR;
    $retval = '';
    $yearsql = array();
    $yearsql['mysql'] = "SELECT DISTINCT YEAR(date) AS year,date FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW())" . COM_getTopicSql('AND') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $ysql = array();
    $ysql['mysql'] = $yearsql['mysql'] . " GROUP BY YEAR(date) ORDER BY date DESC";
    $yresult = DB_query($ysql);
    $numyears = DB_numRows($yresult);
    if ($numyears > 0) {
        for ($i = 0; $i < $numyears; $i++) {
            $Y = DB_fetchArray($yresult);
            $template->set_var('section_title', $Y['year']);
            $retval .= $template->parse('title', 'section-title') . LB;
            $retval .= DIR_displayYear($template, $dir_topic, $Y['year']);
        }
    } else {
        $retval .= $template->parse('message', 'no-articles') . LB;
    }
    return $retval;
}