Beispiel #1
0
function dashboard_script()
{
    list($snippet, $text) = GET('snippet, text');
    if ($snippet == '') {
        $snippet = 'sandbox';
    }
    // Prevent subfoldering
    $snippet = preg_replace('/[^a-z0-9\\-\\.]/i', '_', $snippet);
    if (request_type('POST')) {
        cn_dsi_check();
        // Click select only
        if (!REQ('select', 'POST')) {
            if (REQ('delete', 'POST')) {
                $_t = getoption('#snippets');
                unset($_t[$snippet]);
                setoption('#snippets', $_t);
                $snippet = 'sandbox';
            } else {
                // Create new snippet
                if (REQ('create', 'POST')) {
                    $snippet = REQ('create');
                }
                setoption('#snippets/' . $snippet, $text);
                cn_throw_message('Changes saved');
            }
        } else {
            cn_throw_message('Select snippet [' . cn_htmlspecialchars($snippet) . ']');
        }
    }
    $list = getoption('#snippets');
    if (empty($list)) {
        $list['sandbox'] = '';
    }
    $opt_txt = getoption('#snippets/' . $snippet);
    $params = array('list' => $list, 'text' => !empty($opt_txt) ? $opt_txt : '', 'can_delete' => $snippet !== 'sandbox' ? TRUE : FALSE, 'snippet' => $snippet, 'snippets' => getoption('#snippets'));
    echoheader('-@dashboard/style.css', 'HTML Scripts');
    echo exec_tpl('dashboard/script', $params);
    echofooter();
}
Beispiel #2
0
function db_index_update_overall($source = '')
{
    $ct = ctime();
    $period = 30 * 24 * 3600;
    $fn = db_index_file_detect($source);
    $ls = file($fn);
    $index_data = array('uids' => array(), 'locs' => array(), 'coms' => 0, 'min_id' => $ct);
    foreach ($ls as $vi) {
        $vips = explode(':', $vi);
        $id = isset($vips[0]) ? $vips[0] : false;
        $ui = isset($vips[2]) ? $vips[2] : false;
        $co = isset($vips[3]) ? $vips[3] : false;
        if ($id !== FALSE) {
            $id = base_convert($id, 36, 10);
            $loc = db_get_nloc($id);
            if (isset($index_data['locs'][$loc])) {
                $index_data['locs'][$loc]++;
            } else {
                $index_data['locs'][$loc] = 1;
            }
            if ($index_data['min_id'] > $id) {
                $index_data['min_id'] = $id;
            }
        }
        if ($ui !== FALSE) {
            if (isset($index_data['uids'][$ui])) {
                $index_data['uids'][$ui]++;
            } else {
                $index_data['uids'][$ui] = 1;
            }
        }
        if ($co !== FALSE) {
            $index_data['coms'] += $co;
        }
    }
    // Active news is many, auto archive it (and user is hasn't draft rights)
    if ($source == '' && $index_data['min_id'] < $ct - $period && getoption('auto_archive') && !test('Bd')) {
        $cc = db_make_archive(0, ctime());
        cn_throw_message('Autoarchive performed');
        if (getoption('notify_archive')) {
            cn_send_mail(getoption('notify_email'), i18n("Auto archive news"), i18n("Active news has been archived (%1 articles)", $cc));
        }
        // Refresh overall index
        return db_index_update_overall();
    }
    // save meta-data
    $meta = db_index_file_detect("meta-{$source}");
    if ($w = fopen($meta, "w+")) {
        fwrite($w, base64_encode(serialize($index_data)));
        fclose($w);
    }
    return TRUE;
}
Beispiel #3
0
function edit_news_action_massaction()
{
    $FlatDB = new FlatDB();
    list($subaction, $source, $archive_id) = GET('subaction, source, archive_id');
    // Mass Delete
    if ($subaction == 'mass_delete') {
        if (!test('Nud')) {
            cn_throw_message("Operation not permitted for you", 'w');
        }
        list($selected_news) = GET('selected_news');
        if (empty($selected_news)) {
            cn_throw_message("No one news selected", 'e');
        } else {
            $count = count($selected_news);
            if (confirm_first() && $count == 0) {
                cn_throw_message('No none entry selected', 'e');
            }
            if (confirm_post("Delete selected news ({$count})")) {
                if ($source == 'archive') {
                    $source = 'archive-' . intval($archive_id);
                }
                $idx = db_index_load($source);
                // do delete news
                foreach ($selected_news as $id) {
                    $news = db_news_load(db_get_nloc($id));
                    $storent = $news[$id];
                    if (isset($news[$id])) {
                        unset($news[$id]);
                    }
                    if (isset($idx[$id])) {
                        unset($idx[$id]);
                    }
                    // Remove from meta-index (auto_id)
                    $_ts_id = bt_get_id($id, 'nts_id');
                    bt_del_id($id, 'nts_id');
                    bt_del_id($_ts_id, 'nid_ts');
                    // Remove page alias
                    $_ts_pg = bt_get_id($id, 'ts_pg');
                    bt_del_id($id, 'ts_pg');
                    bt_del_id($_ts_pg, 'pg_ts');
                    // ------
                    if (isset($storent['c'])) {
                        $FlatDB->cn_remove_categories($storent['c'], $storent['id']);
                    }
                    if (isset($storent['tg'])) {
                        $FlatDB->cn_remove_tags($storent['tg'], $storent['id']);
                    }
                    $FlatDB->cn_update_date(0, $storent['id']);
                    if (isset($storent['u'])) {
                        $FlatDB->cn_user_sync($storent['u'], 0, $storent['id']);
                    }
                    // ------
                    // Save block
                    db_save_news($news, db_get_nloc($id));
                }
                db_index_save($idx, $source);
                db_index_update_overall($source);
                // Update archive list
                if ($archive_id) {
                    $min = min(array_keys($idx));
                    $max = max(array_keys($idx));
                    $cnt = count($idx);
                    db_archive_meta_update($archive_id, $min, $max, $cnt);
                }
                $FlatDB->cache_clean();
                cn_throw_message('News deleted');
            } else {
                cn_throw_message("No one entry deleted", 'e');
            }
        }
    } elseif ($subaction == 'mass_move_to_cat') {
        cn_assign('catlist', cn_get_categories(false));
        $news_ids = GET('selected_news');
        // Disable commit without news
        if (empty($news_ids) || count($news_ids) == 1 && !$news_ids[0]) {
            cn_throw_message("No one news selected", 'e');
        } else {
            if (confirm_post(exec_tpl('addedit/changecats'))) {
                cn_dsi_check();
                list($news_ids, $cats, $source) = GET('selected_news, cats, source', 'POST');
                $nc = news_make_category(array_keys($cats));
                // Load index for update categories
                $idx = db_index_load($source);
                foreach ($news_ids as $id) {
                    $loc = db_get_nloc($id);
                    $entries = db_news_load($loc);
                    // Catch user trick
                    if (!test_cat($entries[$id]['c'])) {
                        cn_throw_message('Not allowed change category for id = ' . $id, 'w');
                    }
                    $storent = $entries[$id];
                    $idx[$id][0] = $nc;
                    $entries[$id]['c'] = $nc;
                    // ------
                    $FlatDB->cn_remove_categories($storent['c'], $storent['id']);
                    $FlatDB->cn_add_categories($nc, $storent['id']);
                    // ------
                    db_save_news($entries, $loc);
                }
                // Save updated block
                db_index_save($idx, $source);
                cn_throw_message('Successful processed');
                $FlatDB->cache_clean();
            } else {
                cn_throw_message('Operation declined by user', 'e');
            }
        }
    } elseif ($subaction == 'mass_approve') {
        if (!test('Nua')) {
            msg_info("Operation not permitted for you");
        }
        list($selected_news) = GET('selected_news');
        if (empty($selected_news)) {
            cn_throw_message('No one draft selected', 'e');
        } else {
            $ida = db_index_load('');
            $idd = db_index_load('draft');
            // do approve news
            foreach ($selected_news as $id) {
                $news = db_news_load(db_get_nloc($id));
                $news[$id]['st'] = '';
                // 1) remove from draft
                unset($idd[$id]);
                // 2) add to active index
                $ida[$id] = db_index_create($news[$id]);
                // save block
                db_save_news($news, db_get_nloc($id));
            }
            // save indexes
            db_index_save($ida);
            db_index_update_overall();
            db_index_save($idd, 'draft');
            db_index_update_overall('draft');
            $FlatDB->cache_clean();
            cn_throw_message('News was approved');
        }
    } elseif ($subaction == 'switch_to_html') {
        list($selected_news) = GET('selected_news');
        if (empty($selected_news)) {
            cn_throw_message('News not selected', 'e');
        } else {
            // do approve news
            foreach ($selected_news as $id) {
                $news = db_news_load(db_get_nloc($id));
                $news[$id]['ht'] = TRUE;
                db_save_news($news, db_get_nloc($id));
            }
            cn_throw_message('News was switched to HTML');
        }
    } else {
        cn_throw_message('Select action to process', 'w');
    }
    edit_news_action_list();
}
Beispiel #4
0
function media_invoke()
{
    $popup_form = '';
    list($path, $opt) = GET('folder, opt', 'GETPOST');
    list($do_action, $pending) = GET('do_action, pending', 'POST');
    // Change default uploads dir
    $udir = cn_path_construct(SERVDIR, 'uploads');
    if (getoption('uploads_dir')) {
        $udir = preparation_path(getoption('uploads_dir'));
    }
    $edir = getoption('uploads_ext') ? getoption('uploads_ext') : getoption('http_script_dir') . '/uploads';
    $dfile = cn_path_construct($udir, $path);
    // Remove root identifier
    $path = preparation_path($path);
    // Path detection
    $path = preg_replace('/[^a-z0-9\\/_\\\\]/i', '-', $path);
    $root_dir = cn_path_construct($udir, $path) . DIRECTORY_SEPARATOR;
    $just_uploaded = array();
    // Get path struct
    $pathes = spsep($path, DIRECTORY_SEPARATOR);
    if (isset($pathes[0]) && $pathes[0] === '') {
        unset($pathes[0]);
    }
    // Do upload files
    if (request_type('POST')) {
        cn_dsi_check();
        // Allowed Exts.
        $AE = spsep(getoption('allowed_extensions'));
        // Generate thumbnail after upload
        $thumbnail_with_upload = getoption('thumbnail_with_upload');
        // UPLOAD FILES
        if (REQ('upload', 'POST')) {
            list($overwrite) = GET('overwrite');
            $is_uploaded = FALSE;
            // Try for fopen url upload
            if ($upload_from_inet = REQ('upload_from_inet')) {
                if (ini_get('allow_url_fopen')) {
                    // Get filename
                    $url_name = spsep($upload_from_inet, '/');
                    $url_name = $url_name[count($url_name) - 1];
                    $url_name = preg_replace('/(%20|\\s|\\?|&|\\/)/', '_', $url_name);
                    $url_name = str_replace('%', '_', $url_name);
                    // resolve filename
                    $c_file = $dfile . $url_name;
                    // Overwrite [if can], or add file
                    if ($overwrite && file_exists($c_file) || !file_exists($c_file)) {
                        // Use context for disable error notices
                        if (function_exists('stream_context_create')) {
                            $context = stream_context_create(array('http' => array('ignore_errors' => true)));
                            $fw = fopen($upload_from_inet, 'rb', false, $context);
                        } else {
                            // Read file
                            $fw = fopen($upload_from_inet, 'rb');
                        }
                        // --------- (fetch content) ------
                        ob_start();
                        fpassthru($fw);
                        $file_image = ob_get_clean();
                        fclose($fw);
                        // ---------
                        // write2disk
                        if ($wf = fopen($c_file, 'w')) {
                            fwrite($wf, $file_image);
                            fclose($wf);
                        }
                        // check image
                        list($w, $h) = getimagesize($c_file);
                        if ($w && $h) {
                            cn_throw_message('File uploaded');
                            $max_width = getoption('max_thumbnail_width');
                            if ($w > $max_width && $thumbnail_with_upload) {
                                $resize_result = resize_image($c_file, $max_width, 0);
                                cn_throw_message($resize_result['msg'], $resize_result['status'] ? 'n' : 'w');
                            }
                            $is_uploaded = TRUE;
                            $just_uploaded[$url_name] = TRUE;
                        } else {
                            cn_throw_message("Wrong image file", 'e');
                            unlink($c_file);
                        }
                    } else {
                        cn_throw_message("Can't overwrite or save", 'e');
                    }
                } else {
                    cn_throw_message('allow_url_fopen=0, check server configurations');
                }
            }
            // Upload from local
            foreach ($_FILES['upload_file']['name'] as $id => $name) {
                if ($name) {
                    $ext = NULL;
                    if (preg_match('/\\.(\\w+)$/i', $name, $c)) {
                        $ext = strtolower($c[1]);
                    }
                    // Check allowed ext
                    if ($ext && in_array($ext, $AE)) {
                        // encode url
                        $name = str_replace('%2F', '/', urlencode($name));
                        // encoded? replace filename
                        if (strpos($name, '%') !== FALSE) {
                            $name = str_replace('%', '', strtolower($name));
                        }
                        // check file for exist
                        if (file_exists($c_file = $dfile . $name)) {
                            if ($overwrite) {
                                cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] overwritten', 'w');
                            } else {
                                cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] already exists', 'e');
                                continue;
                            }
                        }
                        // Upload file to server
                        if (move_uploaded_file($_FILES['upload_file']['tmp_name'][$id], $c_file)) {
                            $just_uploaded[$name] = TRUE;
                            cn_throw_message('File uploaded [<b>' . cn_htmlspecialchars($name) . '</b>]');
                            $max_width = getoption('max_thumbnail_width');
                            list($w, $h) = getimagesize($c_file);
                            if ($w > $max_width && $thumbnail_with_upload) {
                                $resize_result = resize_image($c_file, $max_width, 0);
                                cn_throw_message($resize_result['msg'], $resize_result['status'] ? 'n' : 'w');
                            }
                        } else {
                            cn_throw_message('File [' . cn_htmlspecialchars($c_file) . '] not uploaded! Please, check upload_max_filesize in PHP settings.', 'e');
                        }
                    } else {
                        cn_throw_message('File extension [' . cn_htmlspecialchars($ext) . '] not allowed', 'e');
                    }
                } elseif (!$is_uploaded) {
                    cn_throw_message('No selected files for upload', 'e');
                }
            }
        } elseif ($do_action || $pending) {
            list($rm) = GET('rm', 'POST');
            // action --> delete entries
            if ($do_action == 'delete') {
                if (empty($rm)) {
                    cn_throw_message('No files selected', 'w');
                } else {
                    foreach ($rm as $file) {
                        if (file_exists($cfile = $dfile . $file)) {
                            if (is_dir($cfile)) {
                                rmdir($cfile);
                            } else {
                                //get thumbnail path
                                $path_parts = pathinfo($cfile);
                                $thumbnail_path = $path_parts['dirname'] . DIRECTORY_SEPARATOR . '.thumb.' . $path_parts['basename'];
                                if (file_exists($thumbnail_path)) {
                                    unlink($thumbnail_path);
                                }
                                unlink($cfile);
                            }
                        }
                        if (file_exists($cfile)) {
                            cn_throw_message('File [' . cn_htmlspecialchars($cfile) . '] not deleted!', 'e');
                        } else {
                            cn_throw_message('File [' . cn_htmlspecialchars($file) . '] deleted successfully');
                        }
                    }
                }
            } elseif ($do_action == 'create') {
                $popup_form = i18n('Enter directory name') . ' <input type="text" name="new_dir" value="" />';
            } elseif ($pending == 'create') {
                $new_dir_arr = GET('new_dir', 'POST');
                $new_folder = array_pop($new_dir_arr);
                $new_folder = preg_replace('/[^a-z0-9_]/i', '-', $new_folder);
                if ($new_folder) {
                    $cfile = $dfile . $new_folder;
                    if (is_dir($cfile)) {
                        cn_throw_message('Folder [' . $new_folder . '] already exists!', 'e');
                    } else {
                        mkdir($cfile);
                        if (!is_dir($cfile)) {
                            cn_throw_message('Folder [' . cn_htmlspecialchars($cfile) . ' not created]', 'e');
                        } else {
                            cn_throw_message('Folder [' . $new_folder . '] created!');
                        }
                    }
                } else {
                    cn_throw_message('Specify folder name', 'w');
                }
                $popup_form = '';
            } elseif ($do_action == 'rename') {
                if ($rm) {
                    $popup_form = '<div class="big_font">' . i18n('Rename file to') . '</div>';
                    $popup_form .= i18n('Tip: Write new file name') . '<br />';
                    $popup_form .= '<table>';
                    foreach ($rm as $id => $fn) {
                        $hfn = cn_htmlspecialchars($fn);
                        $popup_form .= '<tr><td align="right" class="indent"><b>' . $hfn . '</b><td>';
                        $popup_form .= '<td><input type="hidden" name="ids[' . $id . ']" value="' . $hfn . '"/>&rarr;</td>';
                        $popup_form .= '<td><input style="width: 300px;" type="text" name="place[' . $id . ']" value="' . $hfn . '" /> ';
                        $popup_form .= '</td></tr>';
                    }
                    $popup_form .= '</table>';
                } else {
                    cn_throw_message('Select files to rename', 'w');
                }
            } elseif ($pending == 'rename') {
                // ...
                list($ids, $place) = GET('ids, place', 'POST');
                // prevent illegal moves
                $safe_dir = scan_dir($root_dir);
                foreach ($safe_dir as $id => $v) {
                    $safe_dir[$id] = md5($v);
                }
                // do move all files / dirs
                foreach ($ids as $id => $file) {
                    if (in_array(md5($file), $safe_dir)) {
                        $filename = $place[$id];
                        if (strpos($filename, '\\') || strpos($filename, '/')) {
                            cn_throw_message(i18n('The name of file [%1] should not contain special characters', cn_htmlspecialchars($file)), 'e');
                            continue;
                        }
                        $renameto = $root_dir . $filename;
                        $thumb = $root_dir . '.thumb.' . $file;
                        // do move
                        if (rename($root_dir . $file, $renameto)) {
                            if (file_exists($thumb)) {
                                rename($thumb, $root_dir . '.thumb.' . $filename);
                            }
                            cn_throw_message(i18n('File [%1] renamed to [%2]', cn_htmlspecialchars($file), cn_htmlspecialchars($filename)));
                        } else {
                            cn_throw_message(i18n('File [%1] not renamed', cn_htmlspecialchars($file)), 'e');
                        }
                    }
                }
            } elseif ($do_action == 'move') {
                if ($rm) {
                    $popup_form = '<div class="big_font">' . i18n('Move files to') . '</div>';
                    $popup_form .= i18n('Tip: You can select the folder to move the file') . '<br />';
                    $popup_form .= '<table>';
                    $folders = array();
                    $dirs = scan_dir($root_dir);
                    foreach ($dirs as $entry) {
                        if (is_dir($root_dir . $entry) && !($entry === '..' || $entry === '.')) {
                            $folders[] = $entry;
                        }
                    }
                    foreach ($rm as $id => $fn) {
                        $hfn = cn_htmlspecialchars($fn);
                        $popup_form .= '<tr><td align="right" class="indent"><b>' . $hfn . '</b><td>';
                        $popup_form .= '<td><input type="hidden" name="ids[' . $id . ']" value="' . $hfn . '"/>&rarr;</td>';
                        $popup_form .= '<td>';
                        $cnt_folders = count($folders);
                        if ($cnt_folders != 0 && !($cnt_folders == 1 && in_array($hfn, $folders))) {
                            $popup_form .= '<select name="place_folder_' . $id . '">';
                            foreach ($folders as $dirn) {
                                if ($dirn != $hfn) {
                                    $popup_form .= '<option value="' . $dirn . '">' . $dirn . '</option>';
                                }
                            }
                            $popup_form .= '</select>';
                        }
                        if ($root_dir != $udir) {
                            $popup_form .= '<nobr><input type="checkbox" onclick="javascript:hideFolderList(this,' . $id . ')" name="moveup[' . $id . ']" value="Y" /> Move up</nobr>';
                        } else {
                            $popup_form .= '<nobr> X Move up (You are in root folder)</nobr>';
                        }
                        $popup_form .= '</td></tr>';
                    }
                    $popup_form .= '</table>';
                } else {
                    cn_throw_message('Select files to move', 'w');
                }
            } elseif ($pending == 'move') {
                // ...
                list($ids, $moveup) = GET('ids, moveup', 'POST');
                // prevent illegal moves
                $safe_dir = scan_dir($root_dir);
                foreach ($safe_dir as $id => $v) {
                    $safe_dir[$id] = md5($v);
                }
                // do move all files / dirs
                foreach ($ids as $id => $file) {
                    list($place_folder) = GET('place_folder_' . $id);
                    if (in_array(md5($file), $safe_dir)) {
                        $NF = '';
                        $foldername = preg_replace('/\\.\\//i', '', $place_folder);
                        // move this file up
                        if (isset($moveup[$id]) && count($pathes) > 0) {
                            $nwfolder = dirname($root_dir);
                            $foldername = 'up folder';
                        } else {
                            $nwfolder = $root_dir . ($NF = isset($rm[0]) ? $rm[0] : '') . DIRECTORY_SEPARATOR . $foldername;
                            if ($rm[0]) {
                                $NF = $rm[0] . DIRECTORY_SEPARATOR;
                            }
                        }
                        $moveto = $nwfolder . DIRECTORY_SEPARATOR . $file;
                        //check for image thumbnail
                        $thumb = $root_dir . '.thumb.' . $file;
                        // do move
                        if (rename($root_dir . $file, $moveto)) {
                            if (file_exists($thumb)) {
                                rename($thumb, $nwfolder . DIRECTORY_SEPARATOR . '.thumb.' . $file);
                            }
                            cn_throw_message(i18n('File [%1] moved to [%2]', cn_htmlspecialchars($file), cn_htmlspecialchars($foldername)));
                        } else {
                            cn_throw_message(i18n('File [%1] not moved', cn_htmlspecialchars($file)), 'e');
                        }
                    }
                }
            } elseif ($do_action == 'thumb') {
                if (!empty($_POST['rm'])) {
                    $popup_form = get_sizes_form('Make thumbnails', $do_action);
                } else {
                    cn_throw_message('Select files to make thumbnail', 'w');
                }
            } elseif ($pending == 'thumb') {
                do_resize_image($root_dir);
            } elseif ($do_action == 'resize') {
                if (!empty($_POST['rm'])) {
                    $popup_form = get_sizes_form('Resize source image', $do_action);
                } else {
                    cn_throw_message('Select files to resize', 'w');
                }
            } elseif ($pending == 'resize') {
                do_resize_image($root_dir, false);
            } elseif (!hook('media/post_action')) {
                msg_info("Action error");
            }
        }
    }
    // Check dir exists
    if (is_dir($root_dir)) {
        $raw_files = scan_dir($root_dir);
    } else {
        cn_throw_message('Dir not exists', 'e');
        $raw_files = array();
    }
    $dirs = $files = array();
    foreach ($raw_files as $file) {
        if (preg_match('/avatar_/', $file)) {
            continue;
        }
        $file_location = "{$root_dir}/{$file}";
        if (is_dir($file_location)) {
            $dirs[] = array('url' => "{$path}/{$file}", 'name' => $file);
        } elseif (filesize(cn_path_construct($udir, $path) . $file) != 0) {
            list($w, $h) = getimagesize(cn_path_construct($udir, $path) . $file);
            $is_thumb = preg_match('/\\.thumb\\./', $file);
            $files[] = array('name' => $file, 'url' => $edir . '/' . ($path ? $path . '/' : '') . $file, 'thumb' => file_exists($root_dir . '/.thumb.' . pathinfo($file, PATHINFO_BASENAME)) ? $edir . '/' . ($path ? $path . '/' : '') . '.thumb.' . pathinfo($file, PATHINFO_BASENAME) : '', 'local' => ($path ? $path . '/' : '') . $file, 'just_uploaded' => isset($just_uploaded[$file]) ? TRUE : FALSE, 'is_thumb' => $is_thumb, 'w' => $w, 'h' => $h, 'fs' => round(filesize($file_location) / 1024, 1));
        }
    }
    uasort($dirs, 'usort_by_name_asc');
    uasort($files, 'usort_by_name_asc');
    // Top level (dashboard)
    cn_bc_add('Dashboard', cn_url_modify(array('reset')));
    cn_bc_add('Media manager', cn_url_modify());
    cn_assign("files, dirs, path, pathes, popup_form, root_dir", $files, $dirs, $path, $pathes, $popup_form, $root_dir);
    if ($opt === 'inline') {
        echo exec_tpl('window', 'title=Quick insert image', 'style=media/style.css', 'content=' . exec_tpl('media/general'));
    } else {
        echoheader('-@media/style.css', 'Media manager');
        echo exec_tpl('media/general');
        echofooter();
    }
}
Beispiel #5
0
function add_news_invoke()
{
    $FlatDB = new FlatDB();
    // loadall
    list($article_type, $preview) = GET('postpone_draft, preview', 'GETPOST');
    list($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year) = GET('from_date_hour, from_date_minutes, from_date_seconds, from_date_month, from_date_day, from_date_year', 'GETPOST');
    list($title, $page, $category, $short_story, $full_story, $if_use_html, $vConcat, $vTags, $faddm) = GET('title, page, category, short_story, full_story, if_use_html, concat, tags, faddm', 'GETPOST');
    $categories = cn_get_categories(false);
    list($morefields) = cn_get_more_fields($faddm);
    $is_active_html = test('Csr');
    // Prepare data to add new item
    if (request_type('POST')) {
        cn_dsi_check();
        if (!preg_match("~^[0-9]{1,}\$~", $from_date_hour) or !preg_match("~^[0-9]{1,}\$~", $from_date_minutes) or !preg_match("~^[0-9]{1,}\$~", $from_date_seconds)) {
            cn_throw_message("You want to add article, but the hour format is invalid.", 'e');
        }
        // create publish time
        $c_time = mktime($from_date_hour, $from_date_minutes, $from_date_seconds, $from_date_month, $from_date_day, $from_date_year);
        // flat category to array
        if ($category == '') {
            $category = array();
        } elseif (!is_array($category)) {
            $category = array($category);
        }
        // article is draft?
        if ($article_type == 'draft') {
            $draft = 1;
        } else {
            $draft = 0;
        }
        $if_use_html = $if_use_html ? TRUE : (getoption('use_wysiwyg') ? TRUE : FALSE);
        // draft, if Behavior Draft is set
        if (test('Bd')) {
            $draft = 1;
        }
        // sanitize page name
        $page = preg_replace('/[^a-z0-9_\\.]/i', '-', $page);
        if (empty($page) && getoption('auto_news_alias')) {
            $page = strtolower(preg_replace('/[^a-z0-9_\\.]/i', '-', cn_transliterate($title)));
        }
        // basic news
        $member = member_get();
        $entry = array();
        $entry['id'] = $c_time;
        $entry['t'] = cn_htmlclear($title);
        $entry['u'] = $member['name'];
        $entry['c'] = news_make_category($category);
        $entry['s'] = cn_htmlclear($short_story);
        $entry['f'] = cn_htmlclear($full_story);
        $entry['ht'] = $if_use_html;
        $entry['st'] = $draft ? 'd' : '';
        $entry['co'] = array();
        // 0 comments
        $entry['cc'] = $vConcat ? TRUE : FALSE;
        $entry['tg'] = strip_tags($vTags);
        $entry['pg'] = $page;
        // Check page alias for exists
        if ($page && bt_get_id($page, 'pg_ts') && !$preview) {
            cn_throw_message('Page alias already exists', 'e');
        } else {
            // Get latest id for news
            $latest_id = intval(bt_get_id('latest_id', 'conf'));
            $latest_id++;
            bt_set_id($latest_id, $c_time, 'nid_ts');
            bt_set_id($c_time, $latest_id, 'nts_id');
            bt_set_id('latest_id', $latest_id, 'conf');
            // apply more field
            list($entry, $disallow_message) = cn_more_fields_apply($entry, $faddm);
            // has message from function
            if ($disallow_message) {
                cn_throw_message($disallow_message, 'e');
            }
        }
        // ----
        if (!$preview) {
            if (!getoption('disable_title') && empty($title)) {
                cn_throw_message('The title cannot be blank', 'e');
            }
            if (getoption('news_title_max_long') && strlen($title) > getoption('news_title_max_long')) {
                cn_throw_message('The title cannon be greater then ' . getoption('news_title_max_long') . ' charecters', 'e');
            }
            if (!getoption('disable_short') && empty($short_story)) {
                cn_throw_message('The story cannot be blank', 'e');
            }
            // no errors in a[rticle] area
            if (cn_get_message('e', 'c') == 0) {
                // Add page alias
                bt_set_id($page, $c_time, 'pg_ts');
                bt_set_id($c_time, $page, 'ts_pg');
                $sc = $draft ? 'draft' : '';
                $es = db_news_load(db_get_nloc($entry['id']));
                // make unique id
                while (isset($es[$c_time])) {
                    $c_time++;
                }
                // override ts
                $entry['id'] = $c_time;
                // add default group permission
                $member = member_get();
                // add to database
                $es[$c_time] = $entry;
                // do save item
                db_save_news($es, db_get_nloc($c_time));
                // add news to index
                db_index_add($c_time, $entry['c'], $member['id'], $sc);
                // ------------------------
                $FlatDB->cn_update_date($c_time, 0);
                $FlatDB->cn_source_update($c_time, $draft ? 'D' : '');
                $FlatDB->cn_add_categories($entry['c'], $c_time);
                $FlatDB->cn_add_tags($entry['tg'], $c_time);
                $FlatDB->cn_user_sync($entry['u'], $c_time);
                // ------------------------
                // increase user count written news
                $cnt = intval($member['cnt']) + 1;
                db_user_update($member['name'], "cnt={$cnt}");
                // do update meta-index
                db_index_update_overall($sc);
                // Notify for unapproved
                if (getoption('notify_unapproved') && test('Bd')) {
                    cn_send_mail(getoption('notify_email'), i18n('CuteNews unapproved article was added'), "CuteNews - Unapproved article was added CuUnArWaAd", cn_replace_text(cn_get_template('notify_unapproved', 'mail'), '%username%, %article_title%', $member['name'], $title));
                }
                $FlatDB->cache_clean();
                // view in editor
                cn_relocation(PHP_SELF . '?mod=editnews&action=editnews&id=' . $c_time . '&m=added');
            }
        } else {
            //correct preview links
            $preview_html = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'active'));
            $preview_html_full = preg_replace('/href="(.*?)"/', 'href="#"', entry_make($entry, 'full'));
            cn_assign('preview_html, preview_html_full, gstamp', $preview_html, $preview_html_full, $c_time);
        }
    }
    if (empty($category)) {
        $category = array();
    }
    // -----------------------------------------------------------------------------------------------------------------
    cn_assign('categories, vCategory, vTitle, vShort, vFull, is_active_html, vUseHtml, vConcat, vTags, morefields,vPage', $categories, $category, $title, $short_story, $full_story, $is_active_html, $if_use_html, $vConcat, $vTags, $morefields, $page);
    // ---
    echoheader("addedit@addedit/main.css", i18n("Add News"));
    echo exec_tpl('addedit/main');
    echofooter();
}