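/**
 * Toggles front-page membership for one or more content items.
 *
 * An item that is already on the front page is removed from it; any other
 * item is inserted with ordering 0. The front-page ordering is recomputed
 * after each item.
 *
 * @param array  $cid    Content item ids to toggle
 * @param string $option Component option name (not read by this function)
 */
function toggleFrontPage($cid, $option)
{
    global $database, $mainframe;

    if (count($cid) < 1) {
        echo "<script> alert('" . T_('Select an item to toggle') . "'); window.history.go(-1);</script>\n";
        exit;
    }

    $msg = '';
    require_once $mainframe->getPath('class', 'com_frontpage');

    $fp = new mosFrontPage($database);
    foreach ($cid as $id) {
        // The ids come from the caller (presumably request data); force an
        // integer before the value reaches load()/delete() or the SQL text.
        $id = (int) $id;

        // toggles go to first place
        if ($fp->load($id)) {
            if (!$fp->delete($id)) {
                $msg .= $fp->stderr();
            }
            $fp->ordering = 0;
        } else {
            // new entry
            $database->setQuery("INSERT INTO #__content_frontpage VALUES ('{$id}','0')");
            if (!$database->query()) {
                // NOTE(review): the driver error text is written into a JS string
                // literal without escaping - confirm it cannot carry request data.
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 0;
        }
        $fp->updateOrder();
    }

    // Pass collected delete errors on instead of dropping them.
    mosRedirect('index2.php?option=com_typedcontent', $msg);
}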
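/**
 * Saves the content item submitted from an edit form.
 *
 * Binds $_POST onto a mosContent row, enforces edit and publish permissions,
 * stores the row, updates its front-page entry, notifies users flagged with
 * sendEmail about new items, and redirects according to $task.
 *
 * @param object $access Permission flags; canEdit, canEditOwn and canPublish are read
 * @param string $task   'apply', 'apply_new' or 'save' (default); selects the redirect target
 */
function saveContent(&$access, $task)
{
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path, $mosConfig_offset, $Itemid;

    // simple spoof check security
    josSpoofCheck();

    $nullDate = $database->getNullDate();

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitise id field
    $row->id = (int) $row->id;

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record
        // $row was filled from $_POST by bind(), so $row->created_by may be
        // caller-supplied. Ownership is decided from the stored record, the same
        // way the publishing state is re-read from the database further down.
        $isOwner = false;
        if (!$access->canEdit && $access->canEditOwn) {
            $query = "SELECT created_by"
                . "\n FROM #__content"
                . "\n WHERE id = " . (int) $row->id;
            $database->setQuery($query);
            $storedOwner = $database->loadResult();
            $isOwner = $storedOwner && (int) $storedOwner == (int) $my->id;
        }
        if (!($access->canEdit || $isOwner)) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    // A date-only value (10 characters or fewer) gets a midnight time appended.
    if (strlen(trim($row->publish_up)) <= 10) {
        $row->publish_up .= ' 00:00:00';
    }
    $row->publish_up = mosFormatDate($row->publish_up, _CURRENT_SERVER_TIME_FORMAT, -$mosConfig_offset);

    if (trim($row->publish_down) == 'Never' || trim($row->publish_down) == '') {
        $row->publish_down = $nullDate;
    } else {
        if (strlen(trim($row->publish_down)) <= 10) {
            $row->publish_down .= ' 00:00:00';
        }
        $row->publish_down = mosFormatDate($row->publish_down, _CURRENT_SERVER_TIME_FORMAT, -$mosConfig_offset);
    }

    // code cleaner for xhtml transitional compliance
    $row->introtext = str_replace('<br>', '<br />', $row->introtext);
    $row->fulltext = str_replace('<br>', '<br />', $row->fulltext);

    // drop a lone <br /> that was added automatically to an otherwise empty fulltext
    $length = strlen($row->fulltext) < 9;
    $search = strstr($row->fulltext, '<br />');
    if ($length && $search) {
        $row->fulltext = NULL;
    }

    $row->title = ampReplace($row->title);

    // Publishing state hardening for Authors
    if (!$access->canPublish) {
        if ($isNew) {
            // new items: an author may not publish
            $row->state = 0;
        } else {
            // existing items: keep the stored state, ignoring the posted one
            $query = "SELECT state"
                . "\n FROM #__content"
                . "\n WHERE id = " . (int) $row->id;
            $database->setQuery($query);
            $state = $database->loadResult();

            if ($state) {
                $row->state = 1;
            } else {
                $row->state = 0;
            }
        }
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);

    // Initialised so the .= below does not append to an undefined variable.
    // The collected text is overwritten before the redirect, as before.
    $msg = '';

    if (intval(mosGetParam($_REQUEST, 'frontpage', 0))) {
        // toggles go to first place
        if (!$fp->load((int) $row->id)) {
            // new entry
            $query = "INSERT INTO #__content_frontpage"
                . "\n VALUES ( " . (int) $row->id . ", 1 )";
            $database->setQuery($query);
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask
        if (!$fp->delete((int) $row->id)) {
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid = " . (int) $row->catid);

    // gets section name of item
    $query = "SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = " . (int) $row->sectionid;
    $database->setQuery($query);
    $section = $database->loadResult();

    // gets category name of item
    $query = "SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = " . (int) $row->catid;
    $database->setQuery($query);
    $category = $database->loadResult();
    $category = stripslashes($category);

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $query = "SELECT id"
            . "\n FROM #__users"
            . "\n WHERE sendEmail = 1";
        $database->setQuery($query);
        $users = $database->loadResultArray();
        // Guard against an empty result so foreach is not handed a non-array.
        if ($users) {
            foreach ($users as $user_id) {
                $msg = new mosMessage($database);
                $msg->send($my->id, $user_id, "New Item", sprintf(_ON_NEW_CONTENT, $my->username, $row->title, $section, $category));
            }
        }
    }

    $msg = $isNew ? _THANK_SUB : _E_ITEM_SAVED;
    $msg = $my->usertype == 'Publisher' ? _THANK_SUB_PUB : $msg;

    switch ($task) {
        case 'apply':
            // NOTE(review): the Referer header is client-controlled and becomes the
            // redirect target as-is; confirm mosRedirect() limits it to this site.
            // A request without the header now falls back to the site index.
            $link = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'index.php';
            break;

        case 'apply_new':
            $Itemid = intval(mosGetParam($_POST, 'Returnid', $Itemid));
            $link = 'index.php?option=com_content&task=edit&id=' . $row->id . '&Itemid=' . $Itemid;
            break;

        case 'save':
        default:
            // Integer-cast like the 'apply_new' branch so the posted value cannot
            // add extra parameters to the redirect URL.
            $Itemid = intval(mosGetParam($_POST, 'Returnid', 0));
            if ($Itemid) {
                if ($access->canEdit) {
                    $link = 'index.php?option=com_content&task=view&id=' . $row->id . '&Itemid=' . $Itemid;
                } else {
                    $link = 'index.php';
                }
            } else {
                // NOTE(review): 'referer' is a posted value used as the redirect
                // target unchanged; confirm it is restricted to same-site URLs.
                $link = strval(mosGetParam($_POST, 'referer', ''));
            }
            break;
    }
    mosRedirect($link, $msg);
}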
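/**
 * Saves the content item submitted from an edit form.
 *
 * Binds $_POST onto a mosContent row, enforces edit permissions, stores the
 * row, updates its front-page entry, notifies users flagged with sendEmail
 * about new items, and redirects to the item view.
 *
 * @param object $access Permission flags; canEdit and canEditOwn are read
 */
function saveContent(&$access)
{
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path;

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // These fields were just filled from $_POST and are placed into SQL text
    // below, so force them to integers first.
    $row->id = (int) $row->id;
    $row->catid = (int) $row->catid;
    $row->sectionid = (int) $row->sectionid;

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record
        // $row->created_by may be caller-supplied after bind($_POST); decide
        // ownership from the stored record instead of the posted value.
        $isOwner = false;
        if (!$access->canEdit && $access->canEditOwn) {
            $database->setQuery("SELECT created_by FROM #__content WHERE id = '{$row->id}'");
            $storedOwner = $database->loadResult();
            $isOwner = $storedOwner && (int) $storedOwner == (int) $my->id;
        }
        if (!($access->canEdit || $isOwner)) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    if (trim($row->publish_down) == 'Never') {
        $row->publish_down = '0000-00-00 00:00:00';
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);

    // Initialised so the .= below does not append to an undefined variable.
    $msg = '';

    if (mosGetParam($_REQUEST, 'frontpage', 0)) {
        // toggles go to first place
        if (!$fp->load($row->id)) {
            // new entry
            $database->setQuery("INSERT INTO #__content_frontpage VALUES ('{$row->id}','1')");
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask
        if (!$fp->delete($row->id)) {
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid='{$row->catid}'");

    // gets section name of item
    $database->setQuery("SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = '" . $row->sectionid . "'");
    $section = $database->loadResult();

    // gets category name of item
    $database->setQuery("SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = '" . $row->catid . "'");
    $category = $database->loadResult();

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $database->setQuery("SELECT id FROM #__users WHERE sendEmail = '1'");
        $users = $database->loadResultArray();
        // Guard against an empty result so foreach is not handed a non-array.
        if ($users) {
            foreach ($users as $user_id) {
                $msg = new mosMessage($database);
                $msg->send($my->id, $user_id, "New Item", sprintf(_ON_NEW_CONTENT, $my->username, $row->title, $section, $category));
            }
        }
    }

    // Integer-cast so the posted Returnid cannot add parameters to the redirect URL.
    $Itemid = (int) mosGetParam($_POST, 'Returnid', '0');
    mosRedirect('index.php?option=com_content&task=view&id=' . $row->id . '&Itemid=' . $Itemid, $isNew ? _THANK_SUB : _E_ITEM_SAVED);
}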
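/**
 * Toggles front-page membership for one or more content items.
 *
 * An item that is already on the front page is removed from it; any other
 * item is inserted with ordering 0. The com_content cache is cleaned before
 * redirecting back to the section list.
 *
 * @param array  $cid     Content item ids to toggle
 * @param string $section Section id placed in the redirect URL
 * @param string $option  Component option name placed in the redirect URL
 */
function toggleFrontPage($cid, $section, $option)
{
    global $database, $mainframe;

    josSpoofCheck();

    if (count($cid) < 1) {
        echo "<script> alert('Select an item to toggle'); window.history.go(-1);</script>\n";
        exit;
    }

    $msg = '';
    require_once $mainframe->getPath('class', 'com_frontpage');

    $fp = new mosFrontPage($database);
    foreach ($cid as $id) {
        // Cast once so load() and delete() receive the same integer that the
        // INSERT below already used.
        $id = (int) $id;

        // toggles go to first place
        if ($fp->load($id)) {
            if (!$fp->delete($id)) {
                $msg .= $fp->stderr();
            }
            $fp->ordering = 0;
        } else {
            // new entry
            $query = "INSERT INTO #__content_frontpage"
                . "\n VALUES ( " . (int) $id . ", 0 )";
            $database->setQuery($query);
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 0;
        }
        $fp->updateOrder();
    }

    // clean any existing cache files
    mosCache::cleanCache('com_content');

    // The listing showed "§ionid": "&sectionid" with "&sect" decoded as an HTML
    // entity. Restored here so the section id is passed under the intended name.
    // NOTE(review): $option and $section are added to the URL without encoding.
    mosRedirect('index2.php?option=' . $option . '&sectionid=' . $section, $msg);
}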
/**
 * Writes the submitted ordering value for each front-page item.
 *
 * @param array $cid Content ids; entry N is paired with entry N of the 'order'
 *                   values returned by josGetArrayInts()
 */
function saveOrder(&$cid)
{
    global $database;

    josSpoofCheck();

    $itemCount = count($cid);
    $positions = josGetArrayInts('order');

    $idx = 0;
    while ($idx < $itemCount) {
        // Both values are integer-cast before they become part of the SQL text.
        $sql = "UPDATE #__content_frontpage"
            . "\n SET ordering = " . (int) $positions[$idx]
            . "\n WHERE content_id = " . (int) $cid[$idx];
        $database->setQuery($sql);

        if (!$database->query()) {
            echo "<script> alert('" . $database->getErrorMsg() . "'); window.history.go(-1); </script>\n";
            exit;
        }

        // update ordering
        $frontPage = new mosFrontPage($database);
        $frontPage->load((int) $cid[$idx]);
        $frontPage->updateOrder();

        $idx++;
    }

    // clean any existing cache files
    mosCache::cleanCache('com_content');

    mosRedirect('index2.php?option=com_frontpage', 'New ordering saved');
}
/**
 * Moves a front-page record within the ordering, then redirects to the
 * component's index2.php page.
 *
 * @param mixed   $uid    Key handed to mosFrontPage::load()
 * @param integer $inc    The increment to reorder by
 * @param string  $option Component option name placed in the redirect URL
 */
function orderFrontPage($uid, $inc, $option)
{
    global $database;

    $frontPage = new mosFrontPage($database);
    $frontPage->load($uid);
    $frontPage->move($inc);

    // NOTE(review): no request-forgery check is visible in this function before
    // the state change, and $option enters the URL unencoded - confirm the
    // caller covers both.
    mosRedirect('index2.php?option=' . $option);
}
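/**
 * Saves the content item submitted from an edit form.
 *
 * Binds $_POST onto a mosContent row, enforces edit permissions, stores the
 * row, updates its front-page entry, notifies users flagged with sendEmail
 * about new items, and redirects to the site index.
 *
 * @param object $access Permission flags; canEdit and canEditOwn are read
 */
function saveContent(&$access)
{
    global $database, $mainframe, $my;
    global $mosConfig_absolute_path;

    $row = new mosContent($database);
    if (!$row->bind($_POST)) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitize: these posted fields are placed into SQL text below
    $row->id = intval($row->id);
    $row->catid = intval($row->catid);
    $row->sectionid = intval($row->sectionid);

    $isNew = $row->id < 1;
    if ($isNew) {
        // new record
        if (!($access->canEdit || $access->canEditOwn)) {
            mosNotAuth();
            return;
        }
        $row->created = date('Y-m-d H:i:s');
        $row->created_by = $my->id;
    } else {
        // existing record
        // $row->created_by may be caller-supplied after bind($_POST); decide
        // ownership from the stored record instead of the posted value.
        $isOwner = false;
        if (!$access->canEdit && $access->canEditOwn) {
            $database->setQuery("SELECT created_by FROM #__content WHERE id = '{$row->id}'");
            $storedOwner = $database->loadResult();
            $isOwner = $storedOwner && (int) $storedOwner == (int) $my->id;
        }
        if (!($access->canEdit || $isOwner)) {
            mosNotAuth();
            return;
        }
        $row->modified = date('Y-m-d H:i:s');
        $row->modified_by = $my->id;
    }

    if (trim($row->publish_down) == 'Never') {
        $row->publish_down = '0000-00-00 00:00:00';
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->version++;
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // manage frontpage items
    require_once $mainframe->getPath('class', 'com_frontpage');
    $fp = new mosFrontPage($database);

    // Initialised so the .= below does not append to an undefined variable.
    $msg = '';

    if (mosGetParam($_REQUEST, 'frontpage', 0)) {
        // toggles go to first place
        if (!$fp->load($row->id)) {
            // new entry
            $database->setQuery("INSERT INTO #__content_frontpage VALUES ('{$row->id}','1')");
            if (!$database->query()) {
                echo "<script> alert('" . $database->stderr() . "');</script>\n";
                exit;
            }
            $fp->ordering = 1;
        }
    } else {
        // no frontpage mask
        if (!$fp->delete($row->id)) {
            $msg .= $fp->stderr();
        }
        $fp->ordering = 0;
    }
    $fp->updateOrder();

    $row->checkin();
    $row->updateOrder("catid='{$row->catid}'");

    // gets section name of item
    $database->setQuery("SELECT s.title"
        . "\n FROM #__sections AS s"
        . "\n WHERE s.scope = 'content'"
        . "\n AND s.id = '" . $row->sectionid . "'");
    $section = $database->loadResult();

    // gets category name of item
    $database->setQuery("SELECT c.title"
        . "\n FROM #__categories AS c"
        . "\n WHERE c.id = '" . $row->catid . "'");
    $category = $database->loadResult();

    if ($isNew) {
        // messaging for new items
        require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
        $database->setQuery("SELECT id FROM #__users WHERE sendEmail = '1'");
        $users = $database->loadResultArray();
        if ($users) {
            foreach ($users as $user_id) {
                $msg = new mosMessage($database);
                $msg->send($my->id, $user_id, T_("New Item"), sprintf(T_('A new content item has been submitted by [ %s ] titled [ %s ] from section [ %s ] and category [ %s ]'), $my->username, $row->title, $section, $category));
            }
        }
    }

    // The posted 'Returnid' was read into an unused local here; the redirect
    // always goes to the site index, so that read is dropped.
    $msg = $isNew ? T_('Thanks for your submission; it will be reviewed before being posted to the site.') : T_('Item saved successfully.');
    mosRedirect('index.php', $msg);
}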
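/**
 * Writes the posted ordering value for each front-page item.
 *
 * @param array $cid Content ids; entry N is paired with entry N of the posted
 *                   'order' array
 */
function saveOrder(&$cid)
{
    global $database;

    $total = count($cid);
    $order = mosGetParam($_POST, 'order', array(0));
    if (!is_array($order)) {
        // A scalar 'order' value would otherwise be indexed as a string below.
        $order = array(0);
    }

    for ($i = 0; $i < $total; $i++) {
        // Both values come from the request and are placed into SQL text
        // (content_id without quotes), so force them to integers first.
        $contentId = (int) $cid[$i];
        $ordering = isset($order[$i]) ? (int) $order[$i] : 0;

        $query = "UPDATE #__content_frontpage SET ordering='{$ordering}' WHERE content_id = {$contentId}";
        $database->setQuery($query);
        if (!$database->query()) {
            echo "<script> alert('" . $database->getErrorMsg() . "'); window.history.go(-1); </script>\n";
            exit;
        }

        // update ordering
        $row = new mosFrontPage($database);
        $row->load($contentId);
        $row->updateOrder();
    }

    $msg = T_('New ordering saved');
    mosRedirect('index2.php?option=com_frontpage', $msg);
}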