Beispiel #1
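/**
 * Page for the Bookmarklet.
 *
 * Requires a logged-in session. On a request without $_POST['title'] it
 * pre-fills a new entry from the 'selection', 'title' and 'url' query
 * parameters and shows the entry form. When $_POST['title'] is present it
 * checks the CSRF token, stores the posted entry and shows the result screen.
 *
 * The query parameters are untrusted: any page can link a logged-in user here
 * with values of its choosing. The selection and URL are therefore
 * HTML-escaped before being placed into the generated markup, and only
 * http(s) URLs are kept as the link target.
 *
 * @return void
 */
function pageBookmarklet()
{
    global $PIVOTX;
    // check if the user is logged in.
    if (!$PIVOTX['session']->isLoggedIn()) {
        pageLogin('small');
        die;
    }
    $currentuser = $PIVOTX['users']->getUser($PIVOTX['session']->currentUsername());
    $entry = array();
    if ($PIVOTX['config']->get('default_category') != "") {
        $entry['category'] = array($PIVOTX['config']->get('default_category'));
    }
    if ($PIVOTX['config']->get('default_post_status') != "") {
        $entry['status'] = $PIVOTX['config']->get('default_post_status');
    }
    $entry['link'] = makeFileLink(array('date' => date("Y-m-d-H-i-s")), "", "");
    $entry['publish_date'] = date("Y-m-d-H-i-s", strtotime('+1 month'));
    // Set some things, based on referring page..
    $entry['introduction'] = "";
    // Execute the hook, if present..
    $PIVOTX['extensions']->executeHook('begin_bookmarklet', $entry);

    // The selected text is quoted as text, so encode it for the HTML context.
    // Non-string values (e.g. selection[]=x) are ignored.
    if (!empty($_GET['selection']) && is_string($_GET['selection'])) {
        $selection = htmlspecialchars($_GET['selection'], ENT_QUOTES, 'UTF-8');
        $entry['introduction'] .= "<p>&nbsp;</p>\n\n<blockquote>\n" . $selection . "\n</blockquote>\n\n";
    }

    // Only absolute http(s) URLs become the link target; anything else
    // (missing, non-string, or another scheme such as javascript:) yields an
    // empty href. ENT_QUOTES matters because the attribute is single-quoted.
    $url = '';
    if (isset($_GET['url']) && is_string($_GET['url']) && preg_match('#^https?://#i', $_GET['url'])) {
        $url = htmlspecialchars($_GET['url'], ENT_QUOTES, 'UTF-8');
    }

    if (!empty($_GET['title']) && is_string($_GET['title'])) {
        // NOTE(review): sanitizeTitle() is defined elsewhere; confirm that it
        // HTML-encodes its result, since the title is used as link text below.
        $entry['title'] = sanitizeTitle($_GET['title']);
        $entry['introduction'] .= sprintf("<p><a href='%s'>%s</a></p>", $url, $entry['title']);
    } else {
        $entry['introduction'] .= sprintf("<p><a href='%s'>%s</a></p>", $url, __("link"));
    }
    $PIVOTX['extensions']->executeHook('end_bookmarklet', $entry);
    // Make sure we only show the allowed categories.. Superadmins can always
    // see and use all categories..
    $categories = $PIVOTX['categories']->getCategories();
    if ($currentuser['userlevel'] < PIVOTX_UL_SUPERADMIN) {
        $allowedcats = $PIVOTX['categories']->allowedCategories($currentuser['username']);
        foreach ($categories as $key => $value) {
            if (!in_array($value['name'], $allowedcats)) {
                unset($categories[$key]);
            }
        }
    }
    if (!isset($_POST['title'])) {
        // Show the screen..
        // Nothing above sets $entry['user'] (a hook may); fall back to the
        // current user, which is also who the entry is stored under on save.
        $entryuser = isset($entry['user']) ? $entry['user'] : $currentuser['username'];
        $PIVOTX['template']->assign('entry', $entry);
        $PIVOTX['template']->assign('categories', $categories);
        $PIVOTX['template']->assign('pivotxsession', $PIVOTX['session']->getCSRF());
        $PIVOTX['template']->assign('entryuser', $PIVOTX['users']->getUser($entryuser));
        renderTemplate('bookmarklet_entry.tpl');
    } else {
        // Make sure the current user is properly logged in, and that the request is legitimate
        // NOTE(review): no return value is inspected here, so this relies on
        // checkCSRF() halting the request itself on a mismatch - confirm.
        $PIVOTX['session']->checkCSRF($_POST['pivotxsession']);
        // Sanitize the $_POST into an entry we can store
        $entry = sanitizePostedEntry($entry);
        if ($PIVOTX['config']->get('allow_comments') != "") {
            $entry['allow_comments'] = $PIVOTX['config']->get('allow_comments');
        }
        // The author is always the session user, never a posted value.
        $entry['user'] = $currentuser['username'];
        $PIVOTX['extensions']->executeHook('entry_edit_beforesave', $entry);
        $entry = $PIVOTX['db']->set_entry($entry);
        // NOTE(review): the title is embedded in HTML in both messages below;
        // confirm sanitizePostedEntry()/trimText() leave it HTML-safe.
        if ($PIVOTX['db']->save_entry(TRUE)) {
            $message = sprintf(__('Your entry "%s" was successfully saved.'), '<em>' . trimText($entry['title'], 25) . '</em>');
            $PIVOTX['extensions']->executeHook('entry_edit_aftersave', $entry);
        } else {
            $message = sprintf(__('Your entry "%s" was NOT successfully saved.'), '<em>' . trimText($entry['title'], 25) . '</em>');
            $PIVOTX['extensions']->executeHook('entry_edit_aftersave_failed', $entry);
        }
        // Remove the compiled/parsed pages from the cache.
        if ($PIVOTX['config']->get('smarty_cache')) {
            $PIVOTX['template']->clear_cache();
        }
        // Show the screen..
        $PIVOTX['template']->assign('message', $message);
        $PIVOTX['template']->assign('uid', $PIVOTX['db']->entry['uid']);
        renderTemplate('bookmarklet_menu.tpl');
    }
}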
 /**
  * Render an Entry, using the template as was set in the config.
  *
  * @see $Parser::render
  */
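 function renderEntry()
 {
     // Renders a single entry page: resolves the entry (from posted preview
     // data or from the DB), applies redirects and the publication check,
     // selects the weblog, language and template, then parses the template.
     global $PIVOTX;
     // The type of page we're rendering
     $this->modifier['pagetype'] = 'entry';
     $PIVOTX['template']->assign('pagetype', 'entry');
     // Execute a hook, if present.
     $PIVOTX['extensions']->executeHook('before_parse', $this->modifier);

     // Evaluate the preview flag once so that every check below agrees on it.
     // A present-but-empty 'previewentry' is not a preview: the entry then
     // comes from the DB and must still pass the publication check.
     // NOTE(review): nothing in this method verifies that the requester is
     // logged in before the flag is honoured, and the preview path renders
     // posted content. Confirm the caller only lets authenticated requests
     // (ideally with a CSRF token) reach this point with the flag set.
     $previewing = !empty($_GET['previewentry']);

     // If we're previewing, we need to set the posted values as the entry,
     // otherwise get an entry from the DB.
     if ($previewing) {
         // Get the entry from posted content, starting from an empty entry.
         $entry = sanitizePostedEntry(array());
         // Also set it in the DB object (this is required for if we're
         // going to use the current entry to get others. In 'previousentry'
         // or 'nextentry' for instance.
         $PIVOTX['db']->set_entry($entry);
     } else {
         // Get the entry from the DB..
         $entry = $PIVOTX['db']->read_entry($this->modifier['uri'], $this->modifier['date']);
     }
     if (empty($entry['code']) && empty($entry['uid']) && !$previewing) {
         // We try to 'guess' an entry..
         $entry = $PIVOTX['db']->guess_entry($this->modifier['uri'], $this->modifier['date']);
         // If we did find an (old) entry, do a 301 redirect.
         if (!empty($entry['uid']) && !empty($entry['link'])) {
             header("HTTP/1.1 301 Moved Permanently");
             header("Location: " . $entry['link']);
             die;
         }
         // The entry is not found, so we render the 404 page.
         $this->render404('entry');
         return;
     }
     // For entries that aren't previewed we check if it's published and
     // whether it's displayed with the correct URL.
     if (!$previewing) {
         // If the site uses mod_rewrite, crufty URLs should redirect (to avoid duplicate content).
         if ($PIVOTX['config']->get('mod_rewrite') > 0 && !isset($_GET['rewrite'])) {
             header("HTTP/1.1 301 Moved Permanently");
             header("Location: " . $entry['link']);
             die;
         }
         // Redirect people that click a trackback link back to the entry.
         $trackback = getDefault($PIVOTX['config']->get('localised_trackback_name'), "trackback");
         if (isset($_GET[$trackback])) {
             header("HTTP/1.1 301 Moved Permanently");
             header("Location: " . $entry['link']);
             die;
         }
         // If the entry isn't published yet, we shouldn't show it. The strict
         // comparison keeps a non-string status from loosely matching.
         if ($entry['status'] !== 'publish') {
             $this->render404('entry');
             return;
         }
     }
     // Here we convert the &quot; to ", if necessary, but only inside [[ tags ]]
     // Shouldn't we move this to pages_sql.php or pages_flat.php?
     $entry['introduction'] = preg_replace_callback('/\\[\\[(.*)\\]\\]/ui', "fixquotescallback", $entry['introduction']);
     $entry['body'] = preg_replace_callback('/\\[\\[(.*)\\]\\]/ui', "fixquotescallback", $entry['body']);
     // Set the 'code' we can use to invalidate this entry from cache.
     $this->code = "e" . $entry['uid'] . "_";
     // Set the uid in the modifier..
     $this->modifier['uid'] = $entry['uid'];
     // Set the entry in $smarty as an array, as well as separate variables.
     // NOTE(review): every entry key becomes a top-level template variable;
     // for previews the keys originate from the posted data, so confirm that
     // sanitizePostedEntry() limits them to known entry fields.
     $PIVOTX['template']->assign('entry', $entry);
     foreach ($entry as $key => $value) {
         $PIVOTX['template']->assign($key, $value);
     }
     // Set the correct weblog..
     $weblog_old = $PIVOTX['weblogs']->getCurrent();
     $PIVOTX['weblogs']->setCurrentFromCategory($entry['category']);
     $weblog_new = $PIVOTX['weblogs']->getCurrent();
     $this->modifier['weblog'] = $weblog_new;
     // Set the correct language (in case it has changed from render.php).
     if ($weblog_new != $weblog_old) {
         $language = $PIVOTX['weblogs']->get('', 'language');
         $PIVOTX['languages']->switchLanguage($language);
         $PIVOTX['locale']->init();
     }
     // .. and get the entrypage template for it..
     $template = $PIVOTX['weblogs']->get('', 'entry_template');
     // Perhaps override the template, if we're allowed to do so.
     // NOTE(review): where modifier['template'] comes from is not visible
     // here. If it can be request-derived, confirm it is normalised upstream
     // so that '../' segments cannot point outside templates_path.
     if (!empty($this->modifier['template']) && $PIVOTX['config']->get('allow_template_override') == 1) {
         $template = $this->modifier['template'];
     }
     // If the template isn't set, or doesn't exist..
     if ($template == "" || !file_exists($PIVOTX['paths']['templates_path'] . $template)) {
         // .. we guesstimate a template, and show that..
         $template = templateGuess('entry');
     }
     // We know what theme we're in, because of the used template.
     $PIVOTX['template']->assign('themename', dirname($template));
     // Render and show the template.
     $this->parseTemplate($template);
 }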