/**
 * Runs when a post is published: removes subscribers who may no longer read
 * the blog, queues the remaining subscribers for e-mail notification, and
 * stores the backend URL for later use by cron.
 *
 * Both ids are cast to int before being concatenated into SQL text. Those
 * casts are the only thing keeping the hand-built queries injection-safe,
 * so they must not be removed or moved below the queries.
 *
 * @param array $params Reads the keys 'id' (post id) and 'blog_id'
 */
public function postPublishAction($params)
 {
     $post_id = (int) $params['id'];
     $blog_id = (int) $params['blog_id'];

     // Step 1: re-check read access of every subscriber of this blog
     $subscribers_sql = "SELECT c.id FROM blog_emailsubscription s\n        JOIN wa_contact c ON s.contact_id = c.id\n        WHERE s.blog_id = " . $blog_id;
     $model = new waModel();
     $revoked_contact_ids = array();
     foreach ($model->query($subscribers_sql) as $subscriber) {
         try {
             $can_read = blogHelper::checkRights($blog_id, $subscriber['id'], blogRightConfig::RIGHT_READ);
         } catch (Exception $e) {
             // Fail closed: any error while checking counts as "no access"
             $can_read = 0;
         }
         if (!$can_read) {
             $revoked_contact_ids[] = $subscriber['id'];
         }
     }
     if ($revoked_contact_ids) {
         $subscription_model = new blogEmailsubscriptionModel();
         $subscription_model->deleteByField(array('contact_id' => $revoked_contact_ids, 'blog_id' => $blog_id));
     }

     // Step 2: queue the remaining subscribers (only integer ids and a server-generated date are interpolated)
     $queue_sql = "REPLACE INTO blog_emailsubscription_log (post_id, contact_id, name, email, datetime)\n                SELECT " . $post_id . ", c.id, c.name, e.email, '" . date('Y-m-d H:i:s') . "' FROM blog_emailsubscription s\n                JOIN wa_contact c ON s.contact_id = c.id\n                JOIN wa_contact_emails e ON c.id = e.contact_id AND e.sort = 0\n                WHERE s.blog_id = " . $blog_id;
     $model->exec($queue_sql);

     // Step 3: remember the backend URL so the cron job can use it
     $app_settings_model = new waAppSettingsModel();
     $backend_url = wa()->getRootUrl(true) . wa()->getConfig()->getBackendUrl();
     $app_settings_model->set(array($this->app_id, $this->id), 'backend_url', $backend_url);
 }
 /**
  * Delete or restore a single comment and return the post's updated comment
  * count in the JSON response.
  *
  * The blog and post used for authorization come from the stored comment row,
  * not from request fields.
  *
  * @throws waException       404 when the comment or its post is not found
  * @throws waRightsException 403 when the user holds exactly RIGHT_READ_WRITE and is not the post's author
  */
 public function execute()
 {
     $this->getResponse()->addHeader('Content-type', 'application/json');

     $comment_id = $this->getRequest()->post('id', 0, waRequest::TYPE_INT);
     if (!$comment_id) {
         // No comment id supplied: this method sets no response
         return;
     }

     $comment_model = new blogCommentModel();
     $comment = $comment_model->getById($comment_id);
     if (!$comment) {
         throw new waException(_w('Comment not found'), 404);
     }

     $post_model = new blogPostModel();
     $post = $post_model->getBlogPost(array('id' => $comment['post_id'], 'blog_id' => $comment['blog_id']));
     if (!$post) {
         throw new waException(_w('Post not found'), 404);
     }

     $user_id = $this->getUser()->getId();
     // NOTE(review): a user below RIGHT_READ_WRITE is presumably rejected inside checkRights() - confirm
     $rights = blogHelper::checkRights($comment['blog_id'], $user_id, blogRightConfig::RIGHT_READ_WRITE);
     if ($rights == blogRightConfig::RIGHT_READ_WRITE) {
         // Read-write users may only moderate comments on their own posts
         if ($user_id != $post['contact_id']) {
             throw new waRightsException(_w('Access denied'), 403);
         }
     }

     // Two outcomes only: anything that is not "deleted" is coerced to "published"
     $requested_status = $this->getRequest()->post('status', blogCommentModel::STATUS_DELETED);
     $status = $requested_status != blogCommentModel::STATUS_DELETED
         ? blogCommentModel::STATUS_PUBLISHED
         : $requested_status;

     $changed = $comment_model->updateById($comment_id, array('status' => $status));
     $count = $comment_model->getCount($comment['blog_id'], $comment['post_id']);
     if ($changed) {
         // Audit trail entry for the moderation action
         $this->log($status == blogCommentModel::STATUS_DELETED ? 'comment_delete' : 'comment_restore', 1);
     }

     $this->response = array(
         'count_str' => $count . " " . _w('comment', 'comments', $count),
         'status' => $status,
         'changed' => $changed,
     );
 }
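 /**
  * API method: update an existing post with fields from the request body.
  *
  * The post is selected by the "id" request parameter and authorized before
  * any body field is merged in. The update is then pinned to that same row,
  * so an "id" field in the body cannot redirect the write to a post that was
  * never authorized.
  *
  * @throws waAPIException when the post or target blog is missing, access is denied, or validation fails
  */
 public function execute()
 {
     $id = $this->get('id', true);
     $post_model = new blogPostModel();
     $post = $post_model->getById($id);
     if (!$post) {
         throw new waAPIException('invalid_param', 'Post not found', 404);
     }
     //check rights: full rights on the blog, or authorship of the post
     if (blogHelper::checkRights($post['blog_id']) < blogRightConfig::RIGHT_FULL && $post['contact_id'] != wa()->getUser()->getId()) {
         throw new waAPIException('access_denied', 403);
     }
     // Request fields override stored values here. blog_id is re-checked against
     // the available blogs below; other fields are left to validate()/updateItem().
     $data = array_merge($post, waRequest::post());
     // The rights check above covered $post only, so the primary key always comes
     // from the loaded row and never from the request body.
     $data['id'] = $post['id'];
     $blog_model = new blogBlogModel();
     $blogs = $blog_model->getAvailable();
     if (!isset($blogs[$data['blog_id']])) {
         throw new waAPIException('invalid_param', 'Blog not found', 404);
     }
     $blog = $blogs[$data['blog_id']];
     $data['blog_status'] = $blog['status'];
     $data['datetime'] = $this->formateDatetime($data['datetime']);
     $messages = $post_model->validate($data, array('transliterate' => true));
     if ($messages) {
         throw new waAPIException('invalid_param', 'Validate messages: ' . implode("\n", $messages), 404);
     }
     $post_model->updateItem($post['id'], $data);
     // Reuse the "get info" method to build the response for the updated post
     $_GET['id'] = $id;
     $method = new blogPostGetInfoMethod();
     $this->response = $method->getResponse(true);
 }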
 /**
  * Backend action: render the single-post view page.
  *
  * Loads the post with its comments, attaches rights information, enforces
  * read access for anything other than a published post in a public blog,
  * and assigns the data to the view.
  *
  * @throws waException 404 when no id is given or the post does not exist
  */
 public function execute()
 {
     // Requested as TYPE_INT and clamped to >= 0; a result of 0 is treated as "no id"
     $post_id = max(0, waRequest::get('id', 0, waRequest::TYPE_INT));
     if (!$post_id) {
         throw new waException(_w('Post not found'), 404);
     }
     $post_model = new blogPostModel();
     $search_options = array('id' => $post_id);
     $extend_options = array('comments' => array(20), 'user' => array('photo_url_50'), 'status' => 'view');
     $post = $post_model->search($search_options, $extend_options)->fetchSearchItem();
     if (!$post) {
         throw new waException(_w('Post not found'), 404);
     }
     $post['rights'] = $this->getRights("blog.{$post['blog_id']}");
     // $post is wrapped by reference so the helpers below can modify it in place
     $posts = array(&$post);
     blogHelper::extendRights($posts, array(), $this->getUser()->getId());
     blogPhotosBridge::loadAlbums($posts);
     if (isset($post['comments']) && $post['comments']) {
         $post['comments'] = blogCommentModel::extendRights($post['comments'], array($post_id => $post));
     }
     $blog_model = new blogBlogModel();
     $blog = $blog_model->getById($post['blog_id']);
     // Explicit read check only for non-public blogs or unpublished posts.
     // The return value is ignored, so enforcement depends on checkRights() raising
     // on failure - presumably it throws; confirm in blogHelper.
     if ($blog['status'] != blogBlogModel::STATUS_PUBLIC || $post['status'] != blogPostModel::STATUS_PUBLISHED) {
         blogHelper::checkRights($post['blog_id'], true, blogRightConfig::RIGHT_READ);
     }
     $items = $blog_model->prepareView(array($blog));
     $blog = array_shift($items);
     $this->setLayout(new blogDefaultLayout());
     $this->getResponse()->setTitle($post['title']);
     /**
      * Backend post view page
      * UI hook allow extends post view page
      * @event backend_post
      * @param array[string]mixed $post Current page post item data
      * @param array[string]int $post['id'] Post ID
      * @param array[string]int $post['blog_id'] Post blog ID
      * @return array[string][string]string $backend_post['%plugin_id%']['footer'] Plugin %plugin_id% footer html
      */
     $this->view->assign('backend_post', wa()->event('backend_post', $post, array('footer')));
     $user = $this->getUser();
     $this->view->assign('current_contact', array('id' => $user->getId(), 'name' => $user->getName(), 'photo20' => $user->getPhoto(20)));
     $this->view->assign('blog_id', $blog['id']);
     $this->view->assign('blog', $blog);
     $this->view->assign('contact_rights', $this->getUser()->getRights('contacts', 'backend'));
     // With 'can_use_smarty' enabled the stored post text is passed to the view as a
     // "string:" template, i.e. it is evaluated as template code rather than as data.
     // NOTE(review): anyone able to write post text can then run template code in the
     // backend; enable the option only where all authors are trusted, and confirm what
     // the Smarty security settings of this installation permit.
     if ($this->getConfig()->getOption('can_use_smarty')) {
         try {
             $post['text'] = $this->view->fetch("string:{$post['text']}", $this->cache_id);
         } catch (SmartyException $ex) {
             // A template error replaces the text with whatever the handler returns
             $post['text'] = blogPost::handleTemplateException($ex, $post);
         }
     }
     $this->view->assign('post', $post);
 }
 /**
  * Prepare an import run: resolve the transport class, store and validate the
  * plugin settings, verify the target blog and the author's rights, and load
  * the list of posts to import.
  *
  * The transport class name is built from a request field. It is constrained
  * by the fixed "blogImportPlugin...Transport" pattern and by class_exists(),
  * so only classes that follow that naming scheme can be instantiated.
  *
  * @throws waException on unknown transport, invalid settings, missing blog or insufficient author rights
  */
 protected function init()
 {
     $transport = ucfirst($this->getRequest()->post('blog_import_transport', '', waRequest::TYPE_STRING_TRIM));
     $class = "blogImportPlugin{$transport}Transport";
     if (!$transport || !class_exists($class)) {
         throw new waException(sprintf(_wp("Transport type %s not found"), $transport));
     }

     $plugin_namespace = $this->getApp() . '_import';
     $namespace = $plugin_namespace . '_' . strtolower($transport);
     $this->initPlugin();

     // Settings submitted with the request are validated before being saved
     $post = $this->getRequest()->post($plugin_namespace);
     if ($post) {
         $this->plugin->setup($post);
         if (!$this->plugin->validateSettings($this->errors)) {
             throw new waException(_wp('Invalid replace settings'));
         }
         $this->plugin->saveSettings();
     }

     $settings = $this->plugin->getSettings();
     $blog_model = new blogBlogModel();
     if (!$settings['blog'] || !($blog = $blog_model->getById($settings['blog']))) {
         throw new waException(_wp("Target blog not found"));
     }
     $settings['blog_status'] = $blog['status'];

     // The configured author must hold rights on the target blog; a rights
     // exception is treated the same as "no rights" (fail closed).
     $author_has_rights = false;
     try {
         if ($settings['contact']) {
             $author_has_rights = blogHelper::checkRights($settings['blog'], $settings['contact']);
         }
     } catch (waRightsException $ex) {
         // intentionally ignored: $author_has_rights stays false
     }
     if (!$author_has_rights) {
         throw new waException(_wp("Author not found or has insufficient rights"));
     }

     $this->data['transport'] = new $class($settings);
     $this->data['blog'] = $this->plugin->getSettingValue('blog');
     $this->getTransport();
     $this->transport->setup($this->getRequest()->post($namespace, array()));
     if (!$this->transport->validate(true, $this->errors)) {
         throw new waException(_wp('Invalid settings'));
     }

     $this->data['posts'] = $this->transport->getPosts();
     $this->data['current'] = 0;
     $this->data['count'] = count($this->data['posts']);
 }
 /**
  * API method: return a single post by id.
  *
  * A published post in a public blog is returned without a further check;
  * anything else requires read rights on the post's blog.
  *
  * @throws waAPIException 404 when the post does not exist
  */
 public function execute()
 {
     $id = $this->get('id', true);
     $post_model = new blogPostModel();
     $post = $post_model->search(array('id' => $id))->fetchSearchItem();
     if (!$post) {
         throw new waAPIException('invalid_param', 'Post not found', 404);
     }

     $blog_model = new blogBlogModel();
     $blog = $blog_model->getById($post['blog_id']);
     $publicly_visible = $blog['status'] == blogBlogModel::STATUS_PUBLIC && $post['status'] == blogPostModel::STATUS_PUBLISHED;
     if (!$publicly_visible) {
         // Return value is not inspected: access control relies on checkRights()
         // raising on failure - presumably it throws; confirm in blogHelper.
         blogHelper::checkRights($post['blog_id'], true, blogRightConfig::RIGHT_READ);
     }
     $this->response = $post;
 }
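 /**
  * Inline update of selected post fields from the backend.
  *
  * Field names are checked against $this->allowed_fields and a submitted
  * status against the known status constants. Both checks compare as strings
  * with strict matching, so loose type juggling (for example an integer key
  * compared against a field name) cannot satisfy the allow-list.
  *
  * @throws waException on malformed data, a disallowed field, an unknown status, an unknown post, denied access or a failed update
  */
 public function execute()
 {
     $data = waRequest::post('data', null);
     if (!$data) {
         return;
     }
     if (!is_array($data)) {
         // A scalar "data" value cannot be a field => value map
         throw new waException("Can't update post: invalid data");
     }
     $allowed_fields = array_map('strval', $this->allowed_fields);
     $allowed_statuses = array_map('strval', array(blogPostModel::STATUS_DRAFT, blogPostModel::STATUS_DEADLINE, blogPostModel::STATUS_SCHEDULED, blogPostModel::STATUS_PUBLISHED));
     foreach ($data as $name => $value) {
         if (!in_array((string) $name, $allowed_fields, true)) {
             throw new waException("Can't update post: editing of this field is denied");
         }
         if ($name == 'status') {
             if (!is_scalar($value) || !in_array((string) $value, $allowed_statuses, true)) {
                 throw new waException("Can't change status: unknown value");
             }
         }
     }
     $post_id = waRequest::post('post_id', null, waRequest::TYPE_INT);
     $post_model = new blogPostModel();
     $post = null;
     if ($post_id) {
         $post = $post_model->getFieldsById($post_id, array('id', 'blog_id', 'contact_id', 'datetime'));
     }
     if (!$post) {
         throw new waException("Unknown post");
     }
     // Authors need read-write rights on the blog; editing someone else's post needs full rights
     $contact = wa()->getUser();
     $contact_id = $contact->getId();
     $allow = blogHelper::checkRights($post['blog_id'], $contact_id, $contact_id != $post['contact_id'] ? blogRightConfig::RIGHT_FULL : blogRightConfig::RIGHT_READ_WRITE);
     if (!$allow) {
         throw new waException("Access denied");
     }
     if (!$post_model->updateById($post_id, $data)) {
         throw new waException("Error when updating data");
     }
     $post = array_merge($post, $data);
     // 'status' is present only when it was part of the submitted data (it is not among the fetched fields)
     if (isset($post['status']) && $post['status'] == blogPostModel::STATUS_DEADLINE) {
         $timezone = $contact->getTimezone();
         $current_datetime = waDateTime::date("Y-m-d", null, $timezone);
         $datetime = waDateTime::date("Y-m-d", $post['datetime'], $timezone);
         if ($datetime <= $current_datetime) {
             $post['overdue'] = true;
         }
     }
     $this->response['post'] = $post;
 }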
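 /**
  * API method: add a comment to a post, optionally as a reply to another comment.
  *
  * Tree and routing columns are stripped from the request body, and identity
  * fields (blog, post, author, auth provider) are overwritten server-side.
  * A parent comment must belong to the post being commented on.
  *
  * @throws waAPIException when the post or parent is missing, access is denied, comments are disabled or validation fails
  */
 public function execute()
 {
     $data = waRequest::post();
     // Columns the client must never set directly
     foreach (array('left_key', 'right_key', 'type', 'full_url', 'parent_id') as $k) {
         unset($data[$k]);
     }
     // check required params
     $this->post('text', true);
     $post_id = $this->get('post_id', true);
     $post_model = new blogPostModel();
     $post = $post_model->getBlogPost($post_id);
     if (!$post) {
         throw new waAPIException('invalid_param', 'Post not found', 404);
     }
     $parent_id = $this->post('parent_id');
     $comment_model = new blogCommentModel();
     if ($parent_id) {
         $parent = $comment_model->getById($parent_id);
         if (!$parent) {
             throw new waAPIException('invalid_param', 'Parent comment not found', 404);
         }
         // The rights check below covers this post's blog only, so a reply must not
         // be attached to a comment thread that belongs to a different post.
         if ($parent['post_id'] != $post_id) {
             throw new waAPIException('invalid_param', 'Parent comment not found', 404);
         }
     }
     $contact_id = wa()->getUser()->getId();
     // check rights
     try {
         blogHelper::checkRights($post['blog_id'], $contact_id, blogRightConfig::RIGHT_READ);
     } catch (waException $e) {
         throw new waAPIException('access_denied', 403);
     }
     // check comment mode
     if (!$post['comments_allowed']) {
         throw new waAPIException('invalid_param', "Isn't allowed comment to this post", 404);
     }
     // Server-side values are merged last so they win over anything in the request body
     $data = array_merge($data, array('blog_id' => $post['blog_id'], 'post_id' => $post_id, 'contact_id' => $contact_id, 'auth_provider' => blogCommentModel::AUTH_USER));
     $messages = $comment_model->validate($data);
     if ($messages) {
         throw new waAPIException('invalid_param', 'Validate messages: ' . implode("\n", $messages), 404);
     }
     $id = $comment_model->add($data, $parent_id);
     // Reuse the "get info" method to build the response for the new comment
     $_GET['id'] = $id;
     $method = new blogPostCommentsGetInfoMethod();
     $this->response = $method->getResponse(true);
 }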
 /**
  * Delete a blog, optionally moving its posts to another blog first.
  *
  * Full rights are checked on the blog being deleted and, when moving, on
  * the target blog as well.
  */
 public function execute()
 {
     $blog_id = (int) waRequest::post('id');
     if (!$blog_id) {
         $this->redirect(wa()->getAppUrl());
     } else {
         blogHelper::checkRights($blog_id, true, blogRightConfig::RIGHT_FULL);
         if (waRequest::post('remove') == 'move') {
             // The target id is used as received (no int cast); the rights check on
             // it is the only validation visible in this method.
             $move_blog_id = waRequest::post('blog_id');
             blogHelper::checkRights($move_blog_id, true, blogRightConfig::RIGHT_FULL);
             if ($move_blog_id == $blog_id) {
                 // NOTE(review): the deletion below is skipped only if redirect() ends
                 // the request - presumably it does; confirm, otherwise "move to
                 // itself" would still delete the blog.
                 $this->redirect('?module=blog&action=settings&id=' . $blog_id);
             } else {
                 blogPost::move($blog_id, $move_blog_id);
             }
         }
         $blog_model = new blogBlogModel();
         $blog_model->deleteById($blog_id);
         $this->log('blog_delete');
         $this->redirect(wa()->getAppUrl());
     }
 }
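 /**
  * API method: mark one or more comments as deleted.
  *
  * Accepts an array of ids, a comma-separated list or a single id. Comments
  * the user may not moderate, and comments that are already deleted, are
  * skipped silently; the response is true either way.
  */
 public function execute()
 {
     $id = $this->post('id', true);
     if (!is_array($id)) {
         if (strpos($id, ',') !== false) {
             $id = array_map('intval', explode(',', $id));
         } else {
             $id = array($id);
         }
     }
     $user_id = wa()->getUser()->getId();
     $comment_model = new blogCommentModel();
     $post_model = new blogPostModel();
     $comments = $comment_model->getByField('id', $id, 'id');
     $post_ids = array();
     foreach ($comments as $comment) {
         $post_ids[] = $comment['post_id'];
     }
     $post_ids = array_unique($post_ids);
     $posts = $post_model->getByField('id', $post_ids, 'id');
     $available = array();
     foreach ($comments as $comment) {
         try {
             $rights = blogHelper::checkRights($comment['blog_id'], $user_id, blogRightConfig::RIGHT_READ_WRITE);
         } catch (Exception $e) {
             // No rights on this comment's blog: leave the comment untouched
             continue;
         }
         // A comment whose post row is missing has no known author; reading it
         // through isset() keeps the comparison well-defined instead of relying
         // on an undefined index.
         $post_author_id = isset($posts[$comment['post_id']]) ? $posts[$comment['post_id']]['contact_id'] : null;
         // Read-write users may only moderate comments on their own posts
         if ($rights == blogRightConfig::RIGHT_READ_WRITE && $user_id != $post_author_id) {
             continue;
         }
         if ($comment['status'] == blogCommentModel::STATUS_DELETED) {
             continue;
         }
         $available[] = $comment['id'];
     }
     // Skip the write when nothing qualified, so an empty id list never reaches the model
     if ($available) {
         $comment_model->updateById($available, array('status' => blogCommentModel::STATUS_DELETED));
     }
     $this->response = true;
 }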
 /**
  *
  * Update blog post item
  * @param int $id
  * @param array $data
  * @param array $current_data
  * @throws waException
  * @return int post id
  */
 public function updateItem($id, $data = array(), $current_data = array())
 {
     $plugin = array();
     // Identity used for every rights check in this method
     $contact_id = wa()->getUser()->getId();
     // Field filter: keys that are not declared in $this->fields, and the primary
     // key itself, are removed from $data so callers cannot write arbitrary columns
     // or re-target the row. The 'plugin' payload is kept aside before removal.
     foreach ($data as $field => $value) {
         if (!isset($this->fields[$field]) || $field == $this->id) {
             if (isset($data['plugin'])) {
                 $plugin = $data['plugin'];
             }
             unset($data[$field]);
         }
     }
     if ($id) {
         // Update path: load the stored row unless the caller passed it in
         if (!$current_data) {
             $current_data = $this->getByField(array($this->id => $id));
             if (!$current_data) {
                 throw new waException(_w('Post not found'), 404);
             }
         }
         if (!$contact_id) {
             //use author id for cron task
             // NOTE(review): with no current user, every check below runs as the
             // post's stored author - confirm that only the cron path reaches this
             // method without a user.
             $contact_id = $current_data['contact_id'];
         }
     } else {
         // Insert path
         $current_data = array();
         if (empty($data['contact_id'])) {
             $data['contact_id'] = $contact_id;
         } else {
             // Creating a post on behalf of another contact requires full rights on the blog
             blogHelper::checkRights($data['blog_id'], $contact_id, $contact_id != $data['contact_id'] ? blogRightConfig::RIGHT_FULL : blogRightConfig::RIGHT_READ_WRITE);
         }
     }
     //check rights for non admin
     // $source_data: author and blog before the change; $target_data: after the change
     $source_data = array('contact_id' => isset($current_data['contact_id']) ? $current_data['contact_id'] : $data['contact_id'], 'blog_id' => isset($current_data['blog_id']) ? $current_data['blog_id'] : $data['blog_id']);
     $target_data = array('contact_id' => isset($data['contact_id']) ? $data['contact_id'] : $source_data['contact_id'], 'blog_id' => isset($data['blog_id']) ? $data['blog_id'] : $source_data['blog_id']);
     //check editor rights
     // The level argument is omitted here, so blogHelper's default level applies.
     // None of the checkRights() results in this method are inspected; enforcement
     // relies on the helper raising on failure - presumably it throws; confirm.
     blogHelper::checkRights($source_data['blog_id'], $contact_id);
     //change blog
     if ($source_data['blog_id'] != $target_data['blog_id']) {
         //check editor rights for target blog
         blogHelper::checkRights($target_data['blog_id'], $contact_id, $contact_id != $target_data['contact_id'] ? blogRightConfig::RIGHT_FULL : blogRightConfig::RIGHT_READ_WRITE);
         //check (new) author rights
         if ($contact_id != $target_data['contact_id']) {
             //skip it = for admin it allowed
             //blogHelper::checkRights($target_data['blog_id'],$target_data['contact_id']);
         }
     } else {
         //check new author rights
         // Only when the author is being changed to someone other than the editor
         if ($contact_id != $target_data['contact_id'] && $target_data['contact_id'] != $source_data['contact_id']) {
             blogHelper::checkRights($target_data['blog_id'], $target_data['contact_id']);
         }
     }
     //status changes
     // Per-status handling of 'datetime': fill in "now" where no usable date exists,
     // otherwise drop the key so the stored value is left untouched.
     if (isset($data['status'])) {
         switch ($data['status']) {
             case self::STATUS_PUBLISHED:
                 if (!isset($data['datetime']) || !$data['datetime']) {
                     if (!isset($current_data['datetime']) || !$current_data['datetime']) {
                         $data['datetime'] = date("Y-m-d H:i:s");
                     } elseif (isset($current_data['status']) && !in_array($current_data['status'], array(self::STATUS_PUBLISHED, self::STATUS_SCHEDULED))) {
                         $data['datetime'] = date("Y-m-d H:i:s");
                     } else {
                         unset($data['datetime']);
                     }
                 }
                 break;
             case self::STATUS_DRAFT:
                 if (!isset($data['datetime']) || !$data['datetime']) {
                     if (!isset($current_data['datetime']) || !$current_data['datetime']) {
                         $data['datetime'] = date("Y-m-d H:i:s");
                     } else {
                         unset($data['datetime']);
                     }
                 }
                 break;
             case self::STATUS_SCHEDULED:
                 if (!isset($data['datetime']) || !$data['datetime']) {
                     unset($data['datetime']);
                 }
                 break;
             case self::STATUS_DEADLINE:
                 // A deadline without a date falls back to a draft dated "now"
                 if (!isset($data['datetime']) || !$data['datetime'] || is_array($data['datetime']) && !$data['datetime'][0]) {
                     $data['status'] = self::STATUS_DRAFT;
                     $data['datetime'] = date("Y-m-d H:i:s");
                 }
                 break;
         }
     }
     if (!$id && (!isset($data['contact_id']) || !$data['contact_id'])) {
         $data['contact_id'] = wa()->getUser()->getId();
     }
     // URL slug rules: trailing slashes are trimmed, inner slashes are rejected,
     // and the slug must not already be in use (checkUrl)
     if (isset($data['url']) && strlen($data['url'])) {
         if (substr($data['url'], -1) == '/') {
             $data['url'] = preg_replace('~\\/+$~', '', $data['url']);
         }
         if (strpos($data['url'], '/') !== false) {
             throw new waException(_w('URL must not contain /'));
         }
         if ($this->checkUrl($data['url'], $id)) {
             throw new waException(_w('This address is already in use') . ' ' . $data['url']);
         }
     } else {
         //$data['url'] = blogHelper::transliterate($data['url']);
     }
     $edit = $id ? true : false;
     // Lookup table [current status][new status] => array(event fired before saving, event fired after saving);
     // index 0 stands for "no status"
     $event_map = array(0 => array(0 => array('post_presave', 'post_save'), self::STATUS_PUBLISHED => array('post_prepublish', 'post_publish'), self::STATUS_SCHEDULED => array('post_preshedule', 'post_shedule'), self::STATUS_DEADLINE => array('post_presave', 'post_save'), self::STATUS_DRAFT => array('post_presave', 'post_save')), self::STATUS_DRAFT => array(0 => array('post_presave', 'post_save'), self::STATUS_PUBLISHED => array('post_prepublish', 'post_publish'), self::STATUS_SCHEDULED => array('post_preshedule', 'post_shedule'), self::STATUS_DEADLINE => array('post_presave', 'post_save'), self::STATUS_DRAFT => array('post_presave', 'post_save')), self::STATUS_DEADLINE => array(0 => array('post_presave', 'post_save'), self::STATUS_PUBLISHED => array('post_prepublish', 'post_publish'), self::STATUS_SCHEDULED => array('post_preshedule', 'post_shedule'), self::STATUS_DEADLINE => array('post_presave', 'post_save'), self::STATUS_DRAFT => array('post_presave', 'post_save')), self::STATUS_SCHEDULED => array(0 => array('post_presave', 'post_save'), self::STATUS_PUBLISHED => array('post_prepublish', 'post_publish'), self::STATUS_SCHEDULED => array('post_presave', 'post_save'), self::STATUS_DEADLINE => array('post_presave', 'post_save'), self::STATUS_DRAFT => array('post_presave', 'post_save')), self::STATUS_PUBLISHED => array(0 => array('post_presave', 'post_save'), self::STATUS_PUBLISHED => array('post_presave', 'post_save'), self::STATUS_SCHEDULED => array('post_preshedule', 'post_shedule'), self::STATUS_DEADLINE => array('post_presave', 'post_save'), self::STATUS_DRAFT => array('post_presave', 'post_save')));
     $events = $event_map[isset($current_data['status']) ? $current_data['status'] : 0][isset($data['status']) ? $data['status'] : 0];
     $data['plugin'] = $plugin;
     /**
      * @event post_prepublish
      * @event post_preshedule
      * @event post_presave
      * @param array [string]mixed $data
      * @param array [string]int $data['id']
      * @param array [string][string]mixed $data['plugin']['%plugin_id']
      * @return array[%plugin_id%][%field%]string Error message for field %field%
      */
     // NOTE(review): $errors is assigned but not read again in this method, so
     // error messages returned by plugins do not stop the save here.
     $errors = wa()->event(array_shift($events), $data);
     if ($id) {
         if ($source_data['blog_id'] != $target_data['blog_id']) {
             // Keep the comments' blog_id in step with the moved post
             $comment_model = new blogCommentModel();
             $comment_model->updateByField('post_id', $id, array('blog_id' => $target_data['blog_id']));
         }
         $this->updateById($id, $data);
         $data[$this->id] = $id;
     } else {
         $id = $this->insert($data);
         blogActivity::setUserActivity();
         $data[$this->id] = $id;
         // Without an explicit slug the new post's id is used as its URL
         if (!isset($data['url']) || strlen($data['url']) == 0) {
             $this->updateById($id, array('url' => $id));
         }
     }
     //status changed
     //blog_id changed
     $data = array_merge($current_data, $data);
     // Maintain the per-blog counter through updateQty() as posts become published, unpublished or move
     $blog_model = new blogBlogModel();
     if ($edit) {
         //unpublish
         if ($current_data['status'] == self::STATUS_PUBLISHED && $data['status'] != self::STATUS_PUBLISHED) {
             $blog_model->updateQty($data['blog_id'], '-1');
             //publish
         } elseif ($current_data['status'] != self::STATUS_PUBLISHED && $data['status'] == self::STATUS_PUBLISHED) {
             $blog_model->updateQty($data['blog_id'], '+1');
             //move
         } elseif (isset($current_data['blog_id']) && $current_data['status'] == self::STATUS_PUBLISHED && $data['status'] == self::STATUS_PUBLISHED && $current_data['blog_id'] != $data['blog_id']) {
             $blog_model->updateQty($data['blog_id'], '+1');
             $blog_model->updateQty($current_data['blog_id'], '-1');
         }
     } else {
         if ($data['status'] == self::STATUS_PUBLISHED) {
             $blog_model->updateQty($data['blog_id'], '+1');
         }
     }
     /**
      * @event post_publish
      * @event post_shedule
      * @event post_save
      * @param array [string]mixed $data
      * @param array [string]int $data['id']
      * @param array [string][string]mixed $data['plugin']['%plugin_id']
      * @return void
      */
     wa()->event(array_shift($events), $data);
     return $id;
 }
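    /**
     * Render a minimal "new post" form for users with write access.
     *
     * The caller-supplied id and the translated button label are HTML-escaped
     * before being placed inside attributes, so a quote or angle bracket in
     * either value cannot break out of the attribute.
     *
     * @param string|null $id Value for the form's id attribute
     * @return string|false Form HTML, or false when checkRights() reports less than RIGHT_READ_WRITE
     */
    public function postForm($id = null)
    {
        $html = false;
        if (blogHelper::checkRights() >= blogRightConfig::RIGHT_READ_WRITE) {
            $url = wa()->getAppUrl('blog') . '?module=post&action=edit';
            $id = htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8');
            $submit = htmlspecialchars((string) _wd('blog', 'New post'), ENT_QUOTES, 'UTF-8');
            // The csrf() helper output is emitted as-is; it supplies the anti-forgery field of the form
            $html = <<<HTML

        <form action="{$url}" method="POST" id="{$id}">
        <p>
        \t<input type="text" name="title"/><br/>
        \t<textarea name="text" cols="60" rows="20"></textarea><br/>
        \t{$this->wa->getView()->getHelper()->csrf()}
        \t<input type="submit" value="{$submit}"/>
        </p>
        </form>
HTML;
        }
        return $html;
    }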
 /**
  * Backend action: add a comment (optionally a reply) and return the rendered
  * comment HTML in a JSON response.
  *
  * @throws waRightsException when the parent comment belongs to a different post than the one requested
  * @throws waException when the post is not found (404) or comments are not allowed for it
  */
 public function execute()
 {
     // Both ids are requested as TYPE_INT and clamped to >= 0
     $this->post_id = max(0, $this->getRequest()->get('id', 0, waRequest::TYPE_INT));
     $this->parent_id = max(0, $this->getRequest()->post('parent', 0, waRequest::TYPE_INT));
     $comment_model = new blogCommentModel();
     $post_model = new blogPostModel();
     /**
      *
      * Parent comment data
      * @var array
      */
     $parent = null;
     // $stream is set when no post id was supplied and the post is taken from the parent comment
     $stream = false;
     //find comment parent
     if ($this->parent_id && ($parent = $comment_model->getById($this->parent_id))) {
         // A reply must stay inside the thread of the requested post
         if ($this->post_id && $this->post_id != $parent['post_id']) {
             throw new waRightsException(_w('Access denied'));
         }
         if (!$this->post_id) {
             $stream = true;
         }
         $this->post_id = $parent['post_id'];
     } else {
         // Unknown or missing parent: the comment is added with parent id 0
         $this->parent_id = 0;
     }
     //find post
     if (!$this->post_id || !($post = $post_model->getBlogPost($this->post_id))) {
         throw new waException(_w('Post not found'), 404);
     }
     $contact_id = $this->getUser()->getId();
     #check rights
     // The returned level is kept and attached to the comment further down.
     // NOTE(review): a user without read rights is presumably rejected inside checkRights() - confirm.
     $rights = blogHelper::checkRights($post['blog_id'], $contact_id, blogRightConfig::RIGHT_READ);
     //check comment mode
     if (!$post['comments_allowed']) {
         throw new waException(_w("Isn't allowed comment to this post"));
     }
     // blog, post and author come from server-side state; only 'text' is taken from the request
     $comment = array('blog_id' => $post['blog_id'], 'post_id' => $this->post_id, 'contact_id' => $contact_id, 'text' => $this->getRequest()->post('text'), 'auth_provider' => blogCommentModel::AUTH_USER);
     $this->errors += $comment_model->validate($comment);
     if (count($this->errors) > 0) {
         return;
     }
     $id = $comment_model->add($comment, $this->parent_id);
     $this->logAction('comment_add', $id);
     $comment = $comment_model->getById($id);
     //$comment['new'] = false;
     $comment['parent'] = $this->parent_id;
     if ($stream) {
         $comment['parent_text'] = $parent ? $parent['text'] : null;
         $comment['parent_status'] = $parent ? $parent['status'] : null;
     } else {
         $count = $comment_model->getCount($post['blog_id'], $this->post_id);
         $this->response['count_str'] = $count . " " . _w('comment', 'comments', $count);
     }
     $comment['rights'] = $rights;
     // Reference, not a copy: changes made to $post below are visible through $comment['post']
     $comment['post'] =& $post;
     $post['comments'] = $comment_model->prepareView(array($comment), array('photo_url_20'));
     blogHelper::extendRights($post['comments'], array(), $contact_id);
     if ($stream) {
         $posts = array($this->post_id => &$post);
         $blog_model = new blogBlogModel();
         // NOTE(review): the blog model is searched with the post id here; this may
         // have been meant to be $post['blog_id'] - confirm against blogBlogModel::search().
         $extend_data = array('blog' => $blog_model->search(array('id' => $this->post_id))->fetchSearchAll());
         $post_model->prepareView($posts, array('link' => true), $extend_data);
     } else {
         unset($comment['post']);
     }
     $view = wa()->getView();
     $view->assign('post', $post);
     $view->assign('contact_rights', $this->getUser()->getRights('contacts', 'backend'));
     // NOTE(review): the comment text reaches the template as stored; output escaping
     // is presumably done in include.comments.html - confirm.
     $template = $view->fetch('templates/actions/post/include.comments.html');
     $this->getResponse()->addHeader('Content-type', 'application/json');
     $this->response['template'] = $template;
 }
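 /**
  * Delete a post after checking the current user's rights on its blog.
  *
  * Non-admin authors need RIGHT_READ_WRITE on the blog; everyone else needs
  * RIGHT_FULL. The response receives the URL to redirect to.
  *
  * @param array $post Must contain the key 'id'; all other values are re-read from storage
  */
 private function delete($post)
 {
     $post_model = new blogPostModel();
     // Re-read the row instead of trusting the caller-supplied array. contact_id is
     // requested because the author branch below compares against it; without it
     // that comparison would read an unset key and the author branch could never match.
     $post = $post_model->getFieldsById($post['id'], array('id', 'blog_id', 'contact_id'));
     if ($post) {
         $user = $this->getUser();
         if (!$user->isAdmin($this->getApp())) {
             // author of post needs read-write, anyone else needs full rights
             $required_level = $post['contact_id'] == $user->getId()
                 ? blogRightConfig::RIGHT_READ_WRITE
                 : blogRightConfig::RIGHT_FULL;
             // NOTE(review): the return value is not inspected; enforcement relies on
             // checkRights() raising when the level is not met - confirm in blogHelper.
             blogHelper::checkRights($post['blog_id'], $user->getId(), $required_level);
         }
         $post_model->deleteById($post['id']);
         $this->response['redirect'] = '?blog=' . $post['blog_id'];
     } else {
         $this->response['redirect'] = '?';
     }
 }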
 /**
  * Backend action: prepare the post editor, either for an existing post
  * (request parameter "id") or for a new one.
  *
  * @throws waException 404 when the requested post does not exist
  * @throws waRightsException when the user may not edit the post or has no blog to write to
  */
 public function execute()
 {
     $post_id = waRequest::get('id', null, waRequest::TYPE_INT);
     $blog_model = new blogBlogModel();
     $blogs = $blog_model->getAvailable();
     if (!$blogs) {
         $this->setTemplate('BlogNotFound');
         return;
     }
     $blogs = $blog_model->prepareView($blogs);
     if ($post_id) {
         // edit post
         $post_model = new blogPostModel();
         $post = $post_model->getById($post_id);
         if (!$post) {
             throw new waException(_w('Post not found'), 404);
         }
         //check rights
         // Editing requires full rights on the blog or authorship of the post
         if (blogHelper::checkRights($post['blog_id']) < blogRightConfig::RIGHT_FULL && $post['contact_id'] != $this->getUser()->getId()) {
             throw new waRightsException(_w('Access denied'));
         }
         // Compares the stored datetime with the number 1971; presumably this blanks
         // out zero/placeholder dates - confirm.
         $post['datetime'] = $post['datetime'] >= 1971 ? $post['datetime'] : '';
         $blog_id = $post['blog_id'];
         // Assumes the post's blog is among the blogs returned by getAvailable()
         $blog = $blogs[$blog_id];
         $title = trim(sprintf(_w('Editing post %s'), $post['title']));
     } else {
         // add post
         $date = waRequest::get('date', '');
         $blog = $this->getAllowedBlog($blogs, wa()->getStorage()->read('blog_last_id'));
         if (!$blog) {
             throw new waRightsException(_w('Access denied'));
         }
         $blog_id = $blog['id'];
         // Title and text may be pre-filled from the request; the author is always the current user
         $post = array('title' => $this->getRequest()->post('title', '', waRequest::TYPE_STRING_TRIM), 'text' => $this->getRequest()->post('text', '', waRequest::TYPE_STRING_TRIM), 'continued_text' => null, 'categories' => array(), 'contact_id' => wa()->getUser()->getId(), 'url' => '', 'blog_id' => $blog_id, 'comments_allowed' => true);
         $post['id'] = '';
         $post['status'] = $date ? blogPostModel::STATUS_DEADLINE : blogPostModel::STATUS_DRAFT;
         $post['datetime'] = '';
         $post['meta_title'] = null;
         $post['meta_keywords'] = null;
         $post['meta_description'] = null;
         $title = _w('Adding new post');
     }
     $all_links = blogPostModel::getPureUrls($post);
     $post['other_links'] = $all_links;
     $post['link'] = array_shift($post['other_links']);
     $post['remaining_time'] = null;
     if ($post['status'] == blogPostModel::STATUS_SCHEDULED && $post['datetime']) {
         $post['remaining_time'] = $this->calculateRemainingTime($post['datetime']);
     }
     // Only users with full rights on the blog get the author list; others see just themselves
     if ($blog['rights'] >= blogRightConfig::RIGHT_FULL) {
         $users = blogHelper::getAuthors($post['blog_id']);
     } else {
         $user = $this->getUser();
         $users = array($user->getId() => $user->getName());
     }
     // preview hash for all type of drafts
     // The value handed to the view is base64(hash . user id). base64 is an encoding,
     // not protection: whatever secrecy the preview link has comes from getPreviewHash()
     // - NOTE(review): confirm how that hash is derived.
     if ($post['status'] != blogPostModel::STATUS_PUBLISHED) {
         $options = array('contact_id' => $post['contact_id'], 'blog_id' => $blog_id, 'post_id' => $post['id'], 'user_id' => wa()->getUser()->getId());
         $preview_hash = blogPostModel::getPreviewHash($options);
         $this->view->assign('preview_hash', base64_encode($preview_hash . $options['user_id']));
     }
     $this->view->assign('no_settlements', empty($all_links) ? true : false);
     $this->view->assign('params', $this->getPostParams($post['id']));
     $this->view->assign('blog', $blog);
     $this->view->assign('users', $users);
     $this->view->assign('blogs', $blogs);
     // Number of blogs the user can write to; assigned to the view as 'allow_change_blog'
     $allow_change_blog = 0;
     foreach ($blogs as $blog_item) {
         if ($blog_item['rights'] >= blogRightConfig::RIGHT_READ_WRITE) {
             ++$allow_change_blog;
         }
     }
     $this->view->assign('allow_change_blog', $allow_change_blog);
     $this->view->assign('post_id', $post_id);
     $this->view->assign('datetime_timezone', waDateTime::date("T", null, wa()->getUser()->getTimezone()));
     /**
      * Backend post edit page
      * UI hook allow extends post edit page
      * @event backend_post_edit
      * @param array[string]mixed $post
      * @param array[string]int $post['id']
      * @param  array[string]int $post['blog_id']
      * @return array[string][string]string $return[%plugin_id%]['sidebar'] Plugin sidebar html output
      * @return array[string][string]string $return[%plugin_id%]['toolbar'] Plugin toolbar html output
      * @return array[string][string]string $return[%plugin_id%]['editor_tab'] Plugin editor tab html output
      */
     $this->view->assign('backend_post_edit', wa()->event('backend_post_edit', $post, array('sidebar', 'toolbar', 'editor_tab')));
     $app_settings = new waAppSettingsModel();
     $show_comments = $app_settings->get($this->getApp(), 'show_comments', true);
     $this->view->assign('show_comments', $show_comments);
     $this->view->assign('post', $post);
     /**
      * @deprecated
      * For backward compatibility reason
      */
     $this->view->assign('cron_schedule_time', waSystem::getSetting('cron_schedule', 0, 'blog'));
     $this->view->assign('last_schedule_cron_time', waSystem::getSetting('last_schedule_cron_time', 0, 'blog'));
     // The command string contains the server's root path, which is thereby exposed
     // to the template and to anyone who can open this page
     $this->view->assign('cron_command', 'php ' . wa()->getConfig()->getRootPath() . '/cli.php blog schedule');
     $this->setLayout(new blogDefaultLayout());
     $this->getResponse()->setTitle($title);
 }