Beispiel #1
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
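// Declared input rules for this request. The table is defined immediately before
// library/preprocessor.php is loaded, so it is presumably consumed there -- confirm.
// NOTE(review): 'commentId' is declared with a minimum of 0 here, while the code
// below only accepts values >= 1 and otherwise falls back to 1.
$IV = array(
    'GET' => array(
        'category' => array('int', 0, 'mandatory' => false),
        'page' => array('int', 1, 'default' => 1),
        'mode' => array(array('mobile', 'desktop', 'tablet'), 'mandatory' => false),
        'commentId' => array('int', 0, 'mandatory' => false),
        'commentInput' => array('bool', 'mandatory' => false),
    ),
);
require ROOT . '/library/preprocessor.php';

// Defined up front: when ?category= is present but fails the integer check no
// lookup runs, and the code further down must not read undefined variables.
$entries = array();
$paging = null;

if (empty($suri['value'])) {
    // No slogan in the URL: plain paged listing.
    list($entries, $paging) = getEntriesWithPaging($blogid, $suri['page'], $blog['entriesOnPage']);
} elseif (isset($_GET['category'])) {
    // Entry view inside a category; the raw GET value is re-checked before use.
    if (Validator::isInteger($_GET['category'], 0)) {
        list($entries, $paging) = getEntryWithPagingBySlogan($blogid, $suri['value'], false, $_GET['category']);
    }
} else {
    // Just normal entry view
    list($entries, $paging) = getEntryWithPagingBySlogan($blogid, $suri['value']);
    if (isset($_GET['commentId']) || isset($_GET['commentInput'])) {
        // Anything that is not a positive integer falls back to comment 1.
        $commentId = 1;
        if (isset($_GET['commentId']) && Validator::isInteger($_GET['commentId'], 1)) {
            // Cast so a plain integer, not the raw request string, is passed on.
            $commentId = (int) $_GET['commentId'];
        }
        // The slogan may match no entry (the template code tests empty($entries)
        // later), so only dereference the first row when it exists.
        if (isset($entries[0]['id'])) {
            $suri['page'] = getCommentPageById(getBlogId(), $entries[0]['id'], $commentId);
        }
        $context->setProperty('blog.showCommentBox', true);
    }
}
fireEvent('OBStart');
require ROOT . '/interface/common/blog/begin.php';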
if (empty($suri['value'])) {
    require ROOT . '/interface/common/blog/entries.php';
} else {
    if (empty($entries)) {
Beispiel #2
 /**
  * Fills in defaults, shortens the text fields and checks the numeric fields
  * of this record.
  *
  * Text fields are passed through Utils_Unicode::lessenAsByte() with limits of
  * 11 (category), 512 (content) and 32 (author); presumably these are byte
  * limits matching the storage columns -- confirm against the schema.
  *
  * @return mixed true when blogid and created pass validation, otherwise
  *               whatever $this->error() returns for the offending field.
  */
 private function validate()
 {
     // A record without an id gets the next free one.
     if ($this->id === null) {
         $this->id = $this->getNextId();
     }

     $this->category = Utils_Unicode::lessenAsByte($this->category, 11);
     $this->content = Utils_Unicode::lessenAsByte($this->content, 512);

     // A missing author defaults to the current user's name before shortening.
     if (empty($this->author)) {
         $this->author = User::getName();
     }
     $this->author = Utils_Unicode::lessenAsByte($this->author, 32);

     // blogid must be an integer >= 1.
     $blogidIsValid = Validator::isInteger($this->blogid, 1);
     if (!$blogidIsValid) {
         return $this->error('blogid');
     }

     // created must lie inside the range Validator::timestamp() accepts.
     $createdIsValid = Validator::timestamp($this->created);
     if (!$createdIsValid) {
         return $this->error('created');
     }

     return true;
 }
Beispiel #3
/**
 * Creates a category for a blog through the DBModel query builder.
 *
 * The call is refused (returns false) when the name is empty, when $parent,
 * $id or $priority fail validation, when the parent category cannot be found,
 * when a sibling with the same name already exists, or when the requested id
 * or priority is already taken.
 *
 * NOTE(review): uniqueness of name, priority and id is checked with separate
 * reads before the insert, and default ids/priorities come from MAX()+1. No
 * locking or transaction is visible here, so two concurrent calls could pick
 * the same values unless the table has unique constraints -- confirm.
 *
 * @param mixed    $blogid   Blog the category belongs to (not validated here).
 * @param mixed    $parent   Parent category id, or null for a top-level category.
 * @param string   $name     Category name.
 * @param int|null $id       Explicit id, or null to use MAX(id) + 1.
 * @param int|null $priority Explicit priority, or null to use MAX(priority) + 1.
 * @return bool true when the insert succeeded.
 */
function addCategory($blogid, $parent, $name, $id = null, $priority = null)
{
    $model = DBModel::getInstance();

    // Argument checks.
    if (empty($name)) {
        return false;
    }
    if ($parent !== null && !Validator::id($parent)) {
        return false;
    }
    if ($id !== null && !Validator::isInteger($id, 0)) {
        return false;
    }
    if (!is_null($priority) && !Validator::isInteger($priority, 0)) {
        return false;
    }

    // Build the label: "<parent name>/<name>" below a parent, else the bare name.
    if ($parent === null) {
        $parent = 'NULL';
        $fullLabel = $name;
    } else {
        $model->reset('Categories');
        $model->setQualifier('blogid', 'eq', $blogid);
        $model->setQualifier('id', 'eq', $parent);
        $parentName = $model->getCell('name');
        if ($parentName === null) {
            // The parent does not exist in this blog.
            return false;
        }
        $fullLabel = $parentName . '/' . $name;
    }
    // NOTE(review): 'NULL' is a string sentinel compared loosely; before PHP 8 an
    // integer 0 also compares equal to it -- confirm Validator::id() rejects 0.
    $isTopLevel = ($parent == 'NULL');

    $fullLabel = Utils_Unicode::lessenAsEncoding($fullLabel, 255);
    $name = Utils_Unicode::lessenAsEncoding($name, 127);

    // Refuse a duplicate name under the same parent.
    $model->reset('Categories');
    $model->setQualifier('blogid', 'eq', $blogid);
    $model->setQualifier('name', 'eq', $name, true);
    $model->setQualifier('parent', 'eq', $isTopLevel ? null : $parent);
    if ($model->getCount() > 0) {
        return false;
    }

    // Determine priority.
    $model->reset('Categories');
    $model->setQualifier('blogid', 'eq', $blogid);
    if ($priority === null) {
        $priorityToStore = $model->getCell('MAX(priority)') + 1;
    } else {
        $model->setQualifier('priority', 'eq', $priority);
        if ($model->doesExist()) {
            return false;
        }
        $priorityToStore = $priority;
    }

    // Determine ID.
    $model->reset('Categories');
    $model->setQualifier('blogid', 'eq', $blogid);
    if ($id === null) {
        $categoryId = $model->getCell('MAX(id)') + 1;
    } else {
        $model->setQualifier('id', 'eq', $id);
        if ($model->doesExist()) {
            return false;
        }
        $categoryId = $id;
    }

    // Insert the new row.
    $model->reset('Categories');
    $model->setAttribute('blogid', $blogid);
    $model->setAttribute('id', $categoryId);
    $model->setAttribute('parent', $isTopLevel ? null : $parent);
    $model->setAttribute('name', $name, true);
    $model->setAttribute('priority', $priorityToStore);
    $model->setAttribute('entries', 0);
    $model->setAttribute('entriesinlogin', 0);
    $model->setAttribute('label', $fullLabel, true);
    $model->setAttribute('visibility', 2);
    $inserted = $model->insert();

    // Runs whether or not the insert succeeded, as in the original flow.
    updateEntriesOfCategory($blogid, $categoryId);
    return (bool) $inserted;
}
Beispiel #4
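/**
 * Returns one page of a blog's non-draft entries for the owner-side listing.
 *
 * The query is assembled as SQL text, so every value that reaches it is either
 * cast to an integer or matched against a fixed pattern first. Callers without
 * the "group.editors" / "entry.list" ACL only see their own entries.
 *
 * @param mixed $blogid     Blog id; cast to int.
 * @param mixed $category   > 0: that category plus its direct children;
 *                          -3: category 0 only; -5: category >= -2;
 *                          0: category >= 0; any other value: exact match.
 * @param mixed $search     Optional text matched against title and content.
 * @param mixed $page       Passed through to Paging::fetch().
 * @param mixed $count      Passed through to Paging::fetch().
 * @param mixed $visibility Integer 0..3 for an exact match, or a comparison
 *                          fragment such as ">= 2". Anything else matches no rows.
 * @param mixed $starred    Same forms as $visibility.
 * @param mixed $draft      Unused by this function.
 * @param mixed $tag        Optional tag id; cast to int.
 * @return mixed Whatever Paging::fetch() returns.
 */
function getEntriesWithPagingForOwner($blogid, $category, $search, $page, $count, $visibility = null, $starred = null, $draft = null, $tag = null)
{
    global $database, $suri;

    // Integer casts close the gap where these arguments were spliced into the
    // statement as-is.
    $blogid = (int) $blogid;
    $category = (int) $category;

    // Shape accepted for the non-integer form of $visibility / $starred: one
    // comparison operator followed by one integer, nothing else.
    // NOTE(review): callers passing other fragments (IN, BETWEEN, ...) now get an
    // empty result instead of having the text appended -- confirm none exist.
    $comparisonPattern = '/^\s*(?:=|<>|!=|<=|>=|<|>)\s*-?\d+\s*\z/';

    $teamMemberFilter = "";
    if (!Acl::check("group.editors", "entry.list")) {
        // Access control: non-editors are restricted to their own entries.
        $teamMemberFilter = " AND e.userid = " . (int) getUserId();
    }
    $sqlTable = "SELECT e.*, c.label AS categoryLabel, d.id AS draft \n\t\tFROM {$database['prefix']}Entries e \n\t\tLEFT JOIN {$database['prefix']}Categories c ON e.category = c.id AND e.blogid = c.blogid \n\t\tLEFT JOIN {$database['prefix']}Entries d ON e.blogid = d.blogid AND e.id = d.id AND d.draft = 1 ";
    $sql = " WHERE e.blogid = {$blogid} AND e.draft = 0" . $teamMemberFilter;

    if ($category > 0) {
        $categories = POD::queryColumn("SELECT id FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND parent = {$category}");
        if (!is_array($categories)) {
            // Treat a failed or empty lookup as "no children".
            $categories = array();
        }
        $categories[] = $category;
        $sql .= ' AND e.category IN (' . implode(', ', array_map('intval', $categories)) . ')';
    } elseif ($category == -3) {
        $sql .= ' AND e.category = 0';
    } elseif ($category == -5) {
        $sql .= ' AND e.category >= -2';
    } elseif ($category == 0) {
        $sql .= ' AND e.category >= 0';
    } else {
        $sql .= ' AND e.category = ' . $category;
    }

    if (isset($visibility)) {
        if (Validator::isInteger($visibility, 0, 3)) {
            $sql .= ' AND e.visibility = ' . (int) $visibility;
        } elseif (is_string($visibility) && preg_match($comparisonPattern, $visibility)) {
            $sql .= ' AND e.visibility ' . trim($visibility);
        } else {
            // Fail closed: an unrecognised filter returns nothing rather than
            // being dropped or concatenated.
            $sql .= ' AND 1 = 0';
        }
    }
    if (isset($starred)) {
        if (Validator::isInteger($starred, 0, 3)) {
            $sql .= ' AND e.starred = ' . (int) $starred;
        } elseif (is_string($starred) && preg_match($comparisonPattern, $starred)) {
            $sql .= ' AND e.starred ' . trim($starred);
        } else {
            $sql .= ' AND 1 = 0';
        }
    }

    if (!empty($search)) {
        // NOTE(review): this relies entirely on escapeSearchString() to neutralise
        // quotes and LIKE wildcards; its implementation is not visible here.
        $search = escapeSearchString($search);
        $sql .= " AND (e.title LIKE '%{$search}%' OR e.content LIKE '%{$search}%')";
    }
    if (!empty($tag)) {
        $sqlTable .= " LEFT JOIN {$database['prefix']}TagRelations t ON e.id = t.entry AND e.blogid = t.blogid ";
        $sql .= ' AND t.tag = ' . (int) $tag;
    }
    $sql .= ' ORDER BY e.published DESC';
    return Paging::fetch($sqlTable . $sql, $page, $count);
}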
Beispiel #5
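/**
 * Creates a category for a blog using hand-written SQL.
 *
 * All numeric values are validated and cast to int before they are interpolated
 * into a statement; name and label go through POD::escapeString(). Returns
 * false when an argument is invalid, the parent is missing, a sibling with the
 * same name exists, or the requested id or priority is already taken.
 *
 * NOTE(review): the uniqueness checks and the MAX()+1 defaults are separate
 * statements with no visible locking, so concurrent calls could collide unless
 * the table enforces unique keys -- confirm.
 *
 * @param mixed    $blogid   Blog id; must be an integer >= 1.
 * @param mixed    $parent   Parent category id, or null for a top-level category.
 * @param string   $name     Category name.
 * @param int|null $id       Explicit id, or null to use MAX(id) + 1.
 * @param int|null $priority Explicit priority, or null to use MAX(priority) + 1.
 * @return bool true when the INSERT succeeded.
 */
function addCategory($blogid, $parent, $name, $id = null, $priority = null)
{
    global $database;
    if (empty($name)) {
        return false;
    }
    // $blogid was interpolated into every statement below without any check.
    if (!Validator::isInteger($blogid, 1)) {
        return false;
    }
    if (!is_null($parent) && !Validator::id($parent)) {
        return false;
    }
    if (!is_null($id) && !Validator::isInteger($id, 0)) {
        return false;
    }
    if ($priority !== null && !Validator::isInteger($priority, 0)) {
        return false;
    }

    // After validation, pin each value to a real integer so the SQL text can
    // only ever contain digits for them.
    $blogid = (int) $blogid;
    if (!is_null($id)) {
        $id = (int) $id;
    }
    if (!is_null($priority)) {
        $priority = (int) $priority;
    }

    // A boolean replaces the former 'NULL' string sentinel, whose loose ==
    // comparison also matched integer 0 before PHP 8.
    $hasParent = !is_null($parent);
    if ($hasParent) {
        $parent = (int) $parent;
        $label = POD::queryCell("SELECT name FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND id = {$parent}");
        if ($label === null) {
            // The parent does not exist in this blog.
            return false;
        }
        $label .= '/' . $name;
        $parentSql = (string) $parent;
        $parentStr = "AND parent = {$parent}";
    } else {
        $label = $name;
        $parentSql = 'NULL';
        $parentStr = 'AND parent is null';
    }
    $label = POD::escapeString(UTF8::lessenAsEncoding($label, 255));
    $name = POD::escapeString(UTF8::lessenAsEncoding($name, 127));

    // Refuse a duplicate name under the same parent.
    $sql = "SELECT count(*) FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND name = '{$name}' {$parentStr}";
    if (POD::queryCell($sql) > 0) {
        return false;
    }

    // Determine priority.
    if (!is_null($priority)) {
        if (POD::queryExistence("SELECT * FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND priority = {$priority}")) {
            return false;
        }
        $newPriority = $priority;
    } else {
        $newPriority = (int) POD::queryCell("SELECT MAX(priority) FROM {$database['prefix']}Categories WHERE blogid = {$blogid}") + 1;
    }

    // Determine ID.
    if (!is_null($id)) {
        $sql = "SELECT * FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND id = {$id}";
        if (POD::queryExistence($sql)) {
            return false;
        }
        $newId = $id;
    } else {
        $newId = (int) POD::queryCell("SELECT MAX(id) FROM {$database['prefix']}Categories WHERE blogid = {$blogid}") + 1;
    }

    $result = POD::query("INSERT INTO {$database['prefix']}Categories (blogid, id, parent, name, priority, entries, entriesinlogin, label, visibility) VALUES ({$blogid}, {$newId}, {$parentSql}, '{$name}', {$newPriority}, 0, 0, '{$label}', 2)");
    // Runs whether or not the INSERT succeeded, as before.
    updateEntriesOfCategory($blogid, $newId);
    return $result ? true : false;
}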
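 /**
  * Binds a user id to a session, creating a new session row when needed.
  *
  * Flow: for any user id other than SESSION_OPENID_USERID, the id is stored in
  * $_SESSION and an existing guest OpenID session is upgraded in place; an
  * already authorized session is reused; otherwise a fresh session id is
  * generated, inserted and sent to the client as a cookie.
  *
  * NOTE(review): the current session id is kept when it is already authorized
  * or upgraded from a guest session, so the id is not rotated at login --
  * confirm whether session fixation is handled elsewhere.
  * NOTE(review): the cookie is set without the Secure and HttpOnly arguments of
  * setcookie(); enable them if no client-side script needs to read the cookie.
  *
  * @param mixed $blogid  Blog id (cast to int; not used further in this method).
  * @param mixed $userid  User id to authorize (cast to int).
  * @param mixed $expires Expiry as a UNIX timestamp.
  * @return bool true when the session is authorized, false otherwise.
  */
 public static function authorize($blogid, $userid, $expires = null)
 {
     if (is_null(self::$context)) {
         self::initialize();
     }
     $blogid = intval($blogid);
     $userid = intval($userid);
     // NOTE(review): this check runs before the null default is replaced below;
     // if Validator::isInteger() rejects null, calls that omit $expires always
     // fail here and the service.timeout fallback is unreachable -- confirm.
     if (!Validator::isInteger($expires, 0)) {
         return false;
     }
     $session_cookie_path = "/";
     $t = self::$context->getProperty('service.session_cookie_path');
     if (!empty($t)) {
         $session_cookie_path = $t;
     }
     // ($userid is the result of intval(), so no further numeric check is needed.)
     $current = Timestamp::getUNIXtime();
     if (is_null($expires)) {
         $expires = $current + self::$context->getProperty('service.timeout');
     }
     if ($userid != SESSION_OPENID_USERID) {
         /* OpenID session : -1 */
         $_SESSION['userid'] = $userid;
         $id = session_id();
         // The current session id may originate from the client's cookie, so it
         // is limited to the characters PHP itself issues before it is placed
         // inside the quoted SQL literal below.
         if (preg_match('/^[0-9A-Za-z,-]+\z/', $id) && self::isGuestOpenIDSession($id)) {
             $result = self::query('execute', "UPDATE " . self::$context->getProperty('database.prefix') . "Sessions " . "SET userid = {$userid} WHERE id = '{$id}'");
             if ($result) {
                 return true;
             }
         }
     }
     if (self::isAuthorized(session_id())) {
         return true;
     }
     // Up to three attempts, presumably to survive an id collision on insert.
     for ($i = 0; $i < 3; $i++) {
         // Session ids are bearer credentials: draw them from a CSPRNG instead of
         // rand(), whose output is predictable. The result is still 32 hex
         // characters, the same length as the previous format.
         $id = null;
         if (function_exists('random_bytes')) {
             try {
                 $id = bin2hex(random_bytes(16));
             } catch (Exception $e) {
                 $id = null;
             }
         } elseif (function_exists('openssl_random_pseudo_bytes')) {
             $strong = false;
             $raw = openssl_random_pseudo_bytes(16, $strong);
             if ($raw !== false && $strong) {
                 $id = bin2hex($raw);
             }
         }
         if ($id === null) {
             // No secure random source available: refuse rather than issue a
             // guessable session id.
             return false;
         }
         // NOTE(review): REMOTE_ADDR is populated by the web server, but it is
         // interpolated unescaped; parameterise or escape it if the query layer
         // offers that.
         $result = self::query('execute', "INSERT INTO " . self::$context->getProperty('database.prefix') . "Sessions\n\t\t\t\t(id, address, userid, created, updated, expires)\n\t\t\t\tVALUES('{$id}', '{$_SERVER['REMOTE_ADDR']}', {$userid}, {$current}, {$current}, {$expires})");
         if ($result) {
             @session_id($id);
             //$service['domain'] = $service['domain'].':8888';
             setcookie(self::getName(), $id, 0, $session_cookie_path, self::$context->getProperty('service.session_cookie_domain'));
             return true;
         }
     }
     return false;
 }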
Beispiel #7
 /**
  * Checks that a value is an integer UNIX timestamp inside the accepted window.
  *
  * Valid: Jan 1 1971 ~ Dec 31 2037 GMT, i.e. 31536000 <= $value < 2145916800.
  *
  * @param mixed $value Candidate timestamp.
  * @return bool true when $value passes Validator::isInteger() and lies in range.
  */
 static function timestamp($value)
 {
     // Reject non-integers first so the range comparison only sees integers.
     if (!Validator::isInteger($value)) {
         return false;
     }
     $notBeforeLowerBound = $value >= 31536000;
     $beforeUpperBound = $value < 2145916800;
     return $notBeforeLowerBound && $beforeUpperBound;
 }
Beispiel #8
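/**
 * Returns one page of a blog's non-draft entries for the owner-side listing,
 * built with the DBModel query builder instead of concatenated SQL.
 *
 * Callers without the "group.editors" / "entry.list" ACL are restricted to
 * their own entries. $visibility and $starred are applied only when they are
 * integers in 0..3; any other value is ignored rather than passed to the query.
 *
 * @param mixed $blogid     Blog id.
 * @param mixed $category   > 0: that category plus the ids returned by
 *                          getChildCategoryId(); -3: category 0 only;
 *                          -5: category >= -3; 0: category >= 0;
 *                          any other value: exact match.
 * @param mixed $search     Optional text matched against title and content.
 * @param mixed $page       Passed through to Paging::fetch().
 * @param mixed $count      Passed through to Paging::fetch().
 * @param mixed $visibility Optional integer 0..3.
 * @param mixed $starred    Optional integer 0..3.
 * @param mixed $draft      Unused by this function.
 * @param mixed $tag        Optional tag to filter by.
 * @return mixed Whatever Paging::fetch() returns.
 */
function getEntriesWithPagingForOwner($blogid, $category, $search, $page, $count, $visibility = null, $starred = null, $draft = null, $tag = null)
{
    $pool = DBModel::getInstance();
    if ($category > 0) {
        $categories = getChildCategoryId($blogid, $category);
        array_push($categories, $category);
    }
    $pool->reset("Entries");
    $pool->setAlias("Entries", "e");
    $pool->extend("Categories", "LEFT", array(array('e.blogid', 'eq', 'c.blogid'), array('e.category', '=', 'c.id')));
    $pool->setAlias("Categories", "c");
    $pool->extend("Entries d", "LEFT", array(array('e.blogid', 'eq', 'd.blogid'), array('e.id', 'eq', 'd.id'), array("d.draft", "eq", 1)));
    // Access control: non-editors only see their own entries. The same check
    // used to be applied a second time further down; one application suffices.
    if (!Acl::check("group.editors", "entry.list")) {
        $pool->setQualifier("e.userid", "eq", getUserId());
    }
    $pool->setQualifier("e.blogid", "eq", $blogid);
    $pool->setQualifier("e.draft", "eq", 0);
    $pool->setProjection("e.*", "c.label AS categoryLabel", "d.id AS draft");
    $pool->setOrder("e.published", "DESC");

    // Category filter; negative values are special selectors (see docblock).
    if ($category > 0) {
        $pool->setQualifier("e.category", "hasoneof", $categories);
    } elseif ($category == -3) {
        $pool->setQualifier("e.category", "eq", 0);
    } elseif ($category == -5) {
        $pool->setQualifier("e.category", ">=", -3);
    } elseif ($category == 0) {
        $pool->setQualifier("e.category", ">=", 0);
    } else {
        $pool->setQualifier("e.category", "eq", $category);
    }

    // Only validated integers reach the query; other values are dropped.
    if (isset($visibility) && Validator::isInteger($visibility, 0, 3)) {
        $pool->setQualifier("e.visibility", "eq", $visibility);
    }
    if (isset($starred) && Validator::isInteger($starred, 0, 3)) {
        $pool->setQualifier("e.starred", "eq", $starred);
    }

    if (!empty($search)) {
        // NOTE(review): escaping depends on escapeSearchString() and on what the
        // trailing `true` flag makes the query builder do -- neither is visible here.
        $search = escapeSearchString($search);
        $pool->setQualifierSet(array("e.title", "like", $search, true), "OR", array("e.content", "like", $search, true));
    }
    if (!empty($tag)) {
        $pool->join("TagRelations", "left", array(array("e.id", "eq", "t.entry"), array("e.blogid", "eq", "t.blogid")));
        $pool->setAlias("TagRelations", "t");
        $pool->setQualifier("t.tag", "eq", $tag, true);
    }
    return Paging::fetch($pool, $page, $count);
}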
Beispiel #9
                    require ROOT . '/interface/common/blog/begin.php';
                    require ROOT . '/interface/common/blog/end.php';
                }
            }
        }
    } else {
        list($entries, $paging) = getEntriesWithPaging($blogid, $suri['page'], $blog['entriesOnPage']);
        require ROOT . '/interface/common/blog/begin.php';
        require ROOT . '/interface/common/blog/entries.php';
        require ROOT . '/interface/common/blog/end.php';
    }
} else {
    // With id.
    if (isset($_GET['category'])) {
        // category exists
        if (Validator::isInteger($_GET['category'], 0)) {
            list($entries, $paging) = getEntryWithPaging($blogid, $suri['id'], false, $_GET['category']);
        }
    } else {
        // Just normal entry view
        list($entries, $paging) = getEntryWithPaging($blogid, $suri['id']);
    }
    if (isset($_POST['partial'])) {
        // Partial output.
        header('Content-Type: text/plain; charset=utf-8');
        $skin = new Skin($context->getProperty('skin.skin'));
        $view = '[##_article_rep_##]';
        require ROOT . '/interface/common/blog/entries.php';
        $view = removeAllTags($view);
        if ($view != '[##_article_rep_##]') {
            print $view;