Beispiel #1
0
function save_sub($id, &$errors)
{
    global $current_user, $db;
    // Double check
    $owner = intval($_POST['owner']);
    if (!SitesMgr::can_edit($id)) {
        array_push($errors, _('usuario no autorizado a editar'));
        return false;
    }
    $site = SitesMgr::get_info();
    $extended = SitesMgr::get_extended_properties($id);
    if ($_POST['created_from'] != $site->id) {
        array_push($errors, _('sitio erróneo'));
    }
    if ($owner != $current_user->user_id && !$current_user->admin) {
        array_push($errors, _('propietario erróneo'));
    }
    $name = mb_substr(clean_input_string($_POST['name']), 0, 12);
    if (mb_strlen($name) < 3 || !preg_match('/^\\p{L}[\\p{L}\\d_]+$/u', $name)) {
        array_push($errors, _('nombre erróneo') . ' ' . $_POST['name']);
    }
    $name_long = mb_substr(clean_text($_POST['name_long']), 0, 40);
    if (mb_strlen($name_long) < 6) {
        array_push($errors, _('título erróneo'));
    }
    $name = $db->escape($name);
    $name_long = $db->escape($name_long);
    if ($db->get_var("select count(*) from subs where name = '{$name}' and id != {$id}") > 0) {
        array_push($errors, _('nombre duplicado'));
    }
    $page_mode = $db->escape($_POST['page_mode']);
    if ($current_user->admin) {
        $enabled = intval($_POST['enabled']);
        $allow_main_link = intval($_POST['allow_main_link']);
    } else {
        // Keep the values
        $enabled = $site->enabled;
        $allow_main_link = $site->allow_main_link;
        $_POST['post_html'] = $extended['post_html'];
    }
    $nsfw = intval($_POST['nsfw']);
    $private = intval($_POST['private']);
    // Check the extended info
    foreach (array('no_link', 'no_anti_spam', 'allow_local_links', 'intro_max_len', 'intro_min_len') as $k) {
        if (isset($_POST[$k]) && $_POST[$k] !== '') {
            $_POST[$k] = intval($_POST[$k]);
        }
    }
    if ($_POST['intro_max_len'] > 5000) {
        $_POST['intro_max_len'] = 5000;
    }
    if (empty($errors)) {
        $db->transaction();
        if ($id > 0) {
            $r = $db->query("update subs set owner = {$owner}, enabled = {$enabled}, allow_main_link = {$allow_main_link}, nsfw = {$nsfw}, name = '{$name}', name_long = '{$name_long}', private = {$private}, page_mode = '{$page_mode}' where id = {$id}");
        } else {
            $r = $db->query("insert into subs (created_from, owner, nsfw, name, name_long, sub, private) values ({$site->id}, {$owner}, {$nsfw}, '{$name}', '{$name_long}', 1, {$private})");
            $id = $db->insert_id;
        }
        if ($r && $id > 0) {
            // Copy values from first site
            $r = $db->query("update subs as a join subs as b on a.id = {$id} and b.id={$site->id} set a.server_name = b.server_name, a.base_url = b.base_url");
            // Update copy_from
            if ($current_user->admin) {
                sub_copy_from($id, $_POST['copy_from']);
            }
            // Update colors
            $color_regex = '/^#[a-f0-9]{6}/i';
            if (preg_match($color_regex, $_POST['color1'])) {
                $color1 = $db->escape($_POST['color1']);
            } else {
                $color1 = '';
            }
            if (preg_match($color_regex, $_POST['color2'])) {
                $color2 = $db->escape($_POST['color2']);
            } else {
                $color2 = '';
            }
            $db->query("update subs set color1 = '{$color1}', color2 = '{$color2}' where id = {$id}");
        }
        if ($r && $id > 0) {
            SitesMgr::store_extended_properties($id, $_POST);
            $db->commit();
            store_image($id);
            return $id;
        } else {
            array_push($errors, _('error actualizando la base de datos'));
            $db->rollback();
        }
    }
    return false;
}