Ejemplo n.º 1
/**
 * Set up the globals consumed by the front-office ("in-skin") item edit form.
 *
 * The request selects one of three modes:
 *  - 'p'  > 0: edit the existing item with that ID;
 *  - 'cp' > 0: start a new item as a copy of the item with that ID;
 *  - otherwise, and only while $action is still empty: start a blank item
 *    that is pre-filled from the request.
 *
 * Both IDs are read through param() with type 'integer' and default 0.
 *
 * NOTE(review): no permission check on the loaded item is visible in this
 * function -- confirm the caller verifies that the current user may edit or
 * copy the requested item before the form is shown.
 */
function init_inskin_editing()
{
    global $Blog, $edited_Item, $action, $form_action, $item_tags, $item_title, $item_content;
    global $admin_url, $redirect_to, $advanced_edit_link;

    if (!$Blog->get_setting('in_skin_editing')) {
        // In-skin editing is switched off for this blog: hand over to the back-office form.
        header_redirect($admin_url . '?ctrl=items&action=new&blog=' . $Blog->ID);
    }

    // Query string reused by the 'Go to advanced edit screen' link built at the end.
    $switch_query = 'blog=' . $Blog->ID;

    // 'p' = item to edit, 'cp' = item to copy; both come from the request.
    $edit_ID = param('p', 'integer', 0);
    $source_ID = param('cp', 'integer', 0);

    if ($edit_ID > 0) {
        // --- Edit an existing item ---
        global $post_extracats;
        $action = 'edit';
        $ItemCache =& get_ItemCache();
        $edited_Item = $ItemCache->get_by_ID($edit_ID);
        check_categories_nosave($post_category, $post_extracats);
        $post_extracats = postcats_get_byID($edit_ID);
        $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=edit&p=' . $edit_ID, '&');
        $switch_query .= '&p=' . $edited_Item->ID;
    } elseif ($source_ID > 0) {
        // --- Copy an existing item into a new one ---
        global $localtimenow;
        $action = 'new';
        $ItemCache =& get_ItemCache();
        $edited_Item = $ItemCache->get_by_ID($source_ID);
        // The copy gets the status allowed by the source item's own blog, not the one it had.
        $edited_Item->set('status', $edited_Item->get_Blog()->get_allowed_item_status());
        // Date is not explicitly set yet, so stamp the copy with the current local time.
        $edited_Item->set('dateset', 0);
        $edited_Item->set('issue_date', date('Y-m-d H:i:s', $localtimenow));
        modules_call_method('constructor_item', array('Item' => &$edited_Item));
        check_categories_nosave($post_category, $post_extracats);
        $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=edit', '&');
    } elseif (empty($action)) {
        // --- Create a blank item from the front-office ---
        $action = 'new';
        load_class('items/model/_item.class.php', 'Item');
        $edited_Item = new Item();
        $edited_Item->set('status', get_highest_publish_status('post', $Blog->ID, false));
        check_categories_nosave($post_category, $post_extracats);
        $edited_Item->set('main_cat_ID', $Blog->get_default_cat_ID());
        // Default every location level from the current user.
        foreach (array('country', 'region', 'subregion', 'city') as $location_level) {
            $edited_Item->set_creator_location($location_level);
        }
        // Pull the remaining fields from the request ($editing = false, $creating = true).
        $edited_Item->load_from_Request(false, true);
        $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=edit', '&');
    }

    // Values for the edit form.
    // Titles never carry HTML, so they are stored encoded and decoded here for editing.
    // NOTE(review): the decoded title/content must be escaped again by whatever
    // prints them into the form -- confirm in the form view.
    $item_title = htmlspecialchars_decode($edited_Item->title);
    $item_content = prepare_item_content($edited_Item->content);
    $html_allowed = $edited_Item->get_type_setting('allow_html');
    if (!$html_allowed) {
        // HTML is disallowed for this post type: content is encoded in the DB, decode it for editing.
        $item_content = htmlspecialchars_decode($item_content);
    }

    // Let the plugins undo their rendering so the author sees editable source.
    $Plugins_admin =& get_Plugins_admin();
    $edited_Item->load_Blog();
    $unfilter_params = array('object_type' => 'Item', 'object_Blog' => &$edited_Item->Blog);
    $Plugins_admin->unfilter_contents($item_title, $item_content, $edited_Item->get_renderers_validated(), $unfilter_params);

    $item_tags = implode(', ', $edited_Item->get_tags());

    // Link 'Go to advanced edit screen'.
    // $admin_url and $Blog->ID are concatenated unescaped into a single-quoted JS
    // string inside the onclick attribute; this relies on both being trusted values.
    $items_ctrl_url = $admin_url . '?ctrl=items';
    $advanced_edit_link = array(
        'href' => $items_ctrl_url . '&action=' . $action . '&' . $switch_query,
        'onclick' => 'return b2edit_reload( document.getElementById(\'item_checkchanges\'), \'' . $items_ctrl_url . '&blog=' . $Blog->ID . '\' );',
    );

    $form_action = get_samedomain_htsrv_url() . 'item_edit.php';
}
Ejemplo n.º 2
 /**
  * Load data from Request form fields.
  *
  * This requires the blog (e.g. {@link $blog_ID} or {@link $main_cat_ID} to be set).
  *
  * Each field is read with param()/param_*() and copied onto this object with
  * set(), set_setting() or set_from_Request(). Problems are recorded through
  * param_error()/param_check_*(); in most branches the value is assigned whether
  * or not its check passed, so callers must act on the return value before saving.
  *
  * Only three groups are behind a permission check inside this method:
  * issue date ('admin' + 'blog_edit_ts'), tags ('admin') and owner ('users').
  * NOTE(review): every other field (workflow status/assignee, priority, featured,
  * order, goal, custom fields, comment status, renderers, ...) is taken from the
  * request with no permission check visible here -- confirm the caller or the
  * setters restrict who may change them.
  *
  * @param boolean true if we are returning to edit mode (new, switchtab...)
  * @param boolean $creating when true, a required title is checked even if $editing is true
  * @return boolean true if loaded data seems valid.
  */
 function load_from_Request($editing = false, $creating = false)
 {
     global $default_locale, $current_User, $localtimenow;
     global $posttypes_reserved_IDs, $item_typ_ID;
     // LOCALE:
     if (param('post_locale', 'string', NULL) !== NULL) {
         $this->set_from_Request('locale');
     }
     // POST TYPE:
     // Note: $item_typ_ID is a global, so the assignments below are visible outside this method.
     $item_typ_ID = get_param('item_typ_ID');
     if (empty($item_typ_ID)) {
         // Try to get this from request if it has been not initialized by controller:
         $item_typ_ID = param('item_typ_ID', 'integer', NULL);
     }
     if (!empty($item_typ_ID)) {
         // Set new post type ID only if it is defined on request:
         $this->set('ityp_ID', $item_typ_ID);
     }
     // URL associated with Item:
     $post_url = param('post_url', 'string', NULL);
     if ($post_url !== NULL) {
         // The URL is checked in the 'posting' context; set_from_Request() runs regardless of the check result.
         param_check_url('post_url', 'posting', '');
         $this->set_from_Request('url');
     }
     if (empty($post_url) && $this->get_type_setting('use_url') == 'required') {
         // URL must be entered
         param_check_not_empty('post_url', T_('Please provide a "Link To" URL.'), '');
     }
     // Item parent ID:
     $post_parent_ID = param('post_parent_ID', 'integer', NULL);
     if ($post_parent_ID !== NULL) {
         // If item parent ID is entered:
         $ItemCache =& get_ItemCache();
         if ($ItemCache->get_by_ID($post_parent_ID, false, false)) {
             // Save only ID of existing item:
             // NOTE(review): only existence is checked here, not whether the current user may see the parent item.
             $this->set_from_Request('parent_ID');
         } else {
             // Display an error of the entered item parent ID is incorrect:
             param_error('post_parent_ID', T_('The parent ID is not a correct Item ID.'));
         }
     }
     if (empty($post_parent_ID)) {
         // If empty parent ID is entered:
         if ($this->get_type_setting('use_parent') == 'required') {
             // Item parent ID must be entered:
             param_check_not_empty('post_parent_ID', T_('Please provide a parent ID.'), '');
         } else {
             // Remove parent ID:
             $this->set_from_Request('parent_ID');
         }
     }
     if ($this->status == 'redirected' && empty($this->url)) {
         // Note: post_url is not part of the simple form, so this message can be a little bit awkward there
         param_error('post_url', T_('If you want to redirect this post, you must specify an URL!') . ' (' . T_('Advanced properties panel') . ')', T_('If you want to redirect this post, you must specify an URL!'));
     }
     // ISSUE DATE / TIMESTAMP:
     $this->load_Blog();
     if ($current_User->check_perm('admin', 'restricted') && $current_User->check_perm('blog_edit_ts', 'edit', false, $this->Blog->ID)) {
         // Allow to update timestamp fields only if user has a permission to edit such fields
         //    and also if user has an access to back-office
         $item_dateset = param('item_dateset', 'integer', NULL);
         if ($item_dateset !== NULL) {
             $this->set('dateset', $item_dateset);
             if ($editing || $this->dateset == 1) {
                 // We can use user date:
                 if (param_date('item_issue_date', T_('Please enter a valid issue date.'), true) && param_time('item_issue_time')) {
                     // only set it, if a (valid) date and time was given:
                     $this->set('issue_date', form_date(get_param('item_issue_date'), get_param('item_issue_time')));
                     // TODO: cleanup...
                 }
             } elseif ($this->dateset == 0) {
                 // Set date to NOW:
                 $this->set('issue_date', date('Y-m-d H:i:s', $localtimenow));
             }
         }
     }
     // DEADLINE:
     if (param_date('item_deadline', T_('Please enter a valid deadline.'), false, NULL) !== NULL) {
         $this->set_from_Request('datedeadline', 'item_deadline', true);
     }
     // SLUG:
     if (param('post_urltitle', 'string', NULL) !== NULL) {
         $this->set_from_Request('urltitle');
     }
     // <title> TAG:
     $titletag = param('titletag', 'string', NULL);
     if ($titletag !== NULL) {
         $this->set_from_Request('titletag', 'titletag');
     }
     if (empty($titletag) && $this->get_type_setting('use_title_tag') == 'required') {
         // Title tag must be entered
         param_check_not_empty('titletag', T_('Please provide a title tag.'), '');
     }
     // <meta> DESC:
     $metadesc = param('metadesc', 'string', NULL);
     if ($metadesc !== NULL) {
         $this->set_setting('metadesc', get_param('metadesc'));
     }
     if (empty($metadesc) && $this->get_type_setting('use_meta_desc') == 'required') {
         // Meta description must be entered
         param_check_not_empty('metadesc', T_('Please provide a meta description.'), '');
     }
     // <meta> KEYWORDS:
     $metakeywords = param('metakeywords', 'string', NULL);
     if ($metakeywords !== NULL) {
         $this->set_setting('metakeywords', get_param('metakeywords'));
     }
     if (empty($metakeywords) && $this->get_type_setting('use_meta_keywds') == 'required') {
         // Meta keywords must be entered
         param_check_not_empty('metakeywords', T_('Please provide the meta keywords.'), '');
     }
     // TAGS:
     if ($current_User->check_perm('admin', 'restricted')) {
         // User must have access to the back-office to edit tags
         $item_tags = param('item_tags', 'string', NULL);
         if ($item_tags !== NULL) {
             $this->set_tags_from_string(get_param('item_tags'));
             // Update setting 'suggest_item_tags' of the current User
             // Side effect: this is written to the DB right here, before the overall
             // validation result of this method is known.
             global $UserSettings;
             $UserSettings->set('suggest_item_tags', param('suggest_item_tags', 'integer', 0));
             $UserSettings->dbupdate();
         }
         if (empty($item_tags) && $this->get_type_setting('use_tags') == 'required') {
             // Tags must be entered
             param_check_not_empty('item_tags', T_('Please provide at least one tag.'), '');
         }
     }
     // WORKFLOW stuff:
     // NOTE(review): status, assignee and priority are applied from the request without a
     // permission check in this method -- confirm this is enforced elsewhere.
     // The return value of param() is discarded; presumably it registers the value that
     // set_from_Request() reads back -- verify against param().
     param('item_st_ID', 'integer', NULL);
     $this->set_from_Request('pst_ID', 'item_st_ID', true);
     $item_assigned_user_ID = param('item_assigned_user_ID', 'integer', NULL);
     $item_assigned_user_login = param('item_assigned_user_login', 'string', NULL);
     $this->assign_to($item_assigned_user_ID, $item_assigned_user_login);
     $item_priority = param('item_priority', 'integer', NULL);
     if ($item_priority !== NULL) {
         // Set task priority only if it was sent by the form
         $this->set_from_Request('priority', 'item_priority', true);
     }
     // FEATURED checkbox:
     // A missing 'item_featured' param defaults to 0, i.e. the flag is cleared.
     $this->set('featured', param('item_featured', 'integer', 0), false);
     // HIDE TEASER checkbox:
     $this->set_setting('hide_teaser', param('item_hideteaser', 'integer', 0));
     $goal_ID = param('goal_ID', 'integer', NULL);
     if ($goal_ID !== NULL) {
         // Goal ID
         $this->set_setting('goal_ID', $goal_ID, true);
     }
     // ORDER:
     param('item_order', 'double', NULL);
     $this->set_from_Request('order', 'item_order', true);
     // OWNER:
     // Note: creator_user_login is overwritten from the request before the permission check
     // below; only the set_creator_by_login() call is behind the 'users'/'edit' permission.
     $this->creator_user_login = param('item_owner_login', 'string', NULL);
     if ($current_User->check_perm('users', 'edit') && param('item_owner_login_displayed', 'string', NULL) !== NULL) {
         // only admins can change the owner..
         if (param_check_not_empty('item_owner_login', T_('Please enter valid owner login.')) && param_check_login('item_owner_login', true)) {
             $this->set_creator_by_login($this->creator_user_login);
         }
     }
     // LOCATION COORDINATES:
     if ($this->get_type_setting('use_coordinates') != 'never') {
         // location coordinates are enabled, save map settings
         param('item_latitude', 'double', NULL);
         // get par value
         $this->set_setting('latitude', get_param('item_latitude'), true);
         param('item_longitude', 'double', NULL);
         // get par value
         $this->set_setting('longitude', get_param('item_longitude'), true);
         param('google_map_zoom', 'integer', NULL);
         // get par value
         $this->set_setting('map_zoom', get_param('google_map_zoom'), true);
         // map_type is stored as a free 'string' param; no allow-list is applied in this method.
         param('google_map_type', 'string', NULL);
         // get par value
         $this->set_setting('map_type', get_param('google_map_type'), true);
         if ($this->get_type_setting('use_coordinates') == 'required') {
             // The location coordinates are required
             param_check_not_empty('item_latitude', T_('Please provide a latitude.'), '');
             param_check_not_empty('item_longitude', T_('Please provide a longitude.'), '');
         }
     }
     // CUSTOM FIELDS:
     // Param names are built from the field definitions returned by get_type_custom_fields()
     // ('item_<type>_<ID>'), not from request keys.
     $custom_fields = $this->get_type_custom_fields();
     foreach ($custom_fields as $custom_field) {
         // update each custom field
         $param_name = 'item_' . $custom_field['type'] . '_' . $custom_field['ID'];
         if (isset_param($param_name)) {
             // param is set
             // The field type doubles as the param() type, with 'varchar' mapped to 'string'.
             $param_type = $custom_field['type'] == 'varchar' ? 'string' : $custom_field['type'];
             param($param_name, $param_type, NULL);
             // get par value
             $custom_field_make_null = $custom_field['type'] != 'double';
             // store '0' values in DB for numeric fields
             $this->set_setting('custom_' . $custom_field['type'] . '_' . $custom_field['ID'], get_param($param_name), $custom_field_make_null);
         }
     }
     // COMMENTS:
     if ($this->allow_comment_statuses()) {
         // Save status of "Allow comments for this item" (only if comments are allowed in this blog, and by current post type
         $post_comment_status = param('post_comment_status', 'string', 'open');
         if (!empty($post_comment_status)) {
             // 'open' or 'closed' or ...
             $this->set_from_Request('comment_status');
         }
     }
     // EXPIRY DELAY:
     $expiry_delay = param_duration('expiry_delay');
     if (empty($expiry_delay)) {
         // Check if we have 'expiry_delay' param set as string from simple or mass form
         $expiry_delay = param('expiry_delay', 'string', NULL);
     }
     if (empty($expiry_delay) && $this->get_type_setting('use_comment_expiration') == 'required') {
         // Comment expiration must be entered
         param_check_not_empty('expiry_delay', T_('Please provide a comment expiration delay.'), '');
     }
     $this->set_setting('comment_expiry_delay', $expiry_delay, true);
     // EXTRA PARAMS FROM MODULES:
     modules_call_method('update_item_settings', array('edited_Item' => $this));
     // RENDERERS:
     if (param('renderers_displayed', 'integer', 0)) {
         // use "renderers" value only if it has been displayed (may be empty)
         // The submitted list goes through validate_renderer_list() before it is stored.
         global $Plugins;
         $renderers = $Plugins->validate_renderer_list(param('renderers', 'array:string', array()), array('Item' => &$this));
         $this->set('renderers', $renderers);
     } else {
         $renderers = $this->get_renderers_validated();
     }
     // CONTENT + TITLE:
     // The post type decides which param() filter the body is read with; the title is
     // always read as 'htmlspecialchars' further down.
     if ($this->get_type_setting('allow_html')) {
         // HTML is allowed for this post, we'll accept HTML tags:
         $text_format = 'html';
     } else {
         // HTML is disallowed for this post, we'll encode all special chars:
         $text_format = 'htmlspecialchars';
     }
     $editor_code = param('editor_code', 'string', NULL);
     if ($editor_code) {
         // Update item editor code if it was explicitly set
         $this->set_setting('editor_code', $editor_code);
     }
     $content = param('content', $text_format, NULL);
     if ($content !== NULL) {
         // Never allow html content on post titles:  (fp> probably so as to not mess up backoffice and all sorts of tools)
         param('post_title', 'htmlspecialchars', NULL);
         // Do some optional filtering on the content
         // Typically stuff that will help the content to validate
         // Useful for code display.
         // Will probably be used for validation also.
         // The plugins receive the request globals directly, so they operate on 'post_title'
         // and 'content' in place, before param_check_html() runs.
         $Plugins_admin =& get_Plugins_admin();
         $params = array('object_type' => 'Item', 'object' => &$this, 'object_Blog' => &$this->Blog);
         $Plugins_admin->filter_contents($GLOBALS['post_title'], $GLOBALS['content'], $renderers, $params);
         // Title checking:
         $use_title = $this->get_type_setting('use_title');
         if ((!$editing || $creating) && $use_title == 'required') {
             param_check_not_empty('post_title', T_('Please provide a title.'), '');
         }
         // Format raw HTML input to cleaned up and validated HTML:
         // The content is stored below even when this check reports an error; the caller
         // has to honour the return value of this method before saving.
         param_check_html('content', T_('Invalid content.'));
         $content = prepare_item_content(get_param('content'));
         $this->set('content', $content);
         $this->set('title', get_param('post_title'));
     }
     if (empty($content) && $this->get_type_setting('use_text') == 'required') {
         // Content must be entered
         param_check_not_empty('content', T_('Please enter some text.'), '');
     }
     // EXCERPT: (must come after content (to handle excerpt_autogenerated))
     $post_excerpt = param('post_excerpt', 'text', NULL);
     if ($post_excerpt !== NULL && $post_excerpt != $this->excerpt) {
         $this->set('excerpt_autogenerated', 0);
         // Set this to the '0' for saving a field 'excerpt' from a request
         $this->set_from_Request('excerpt');
     }
     if (empty($post_excerpt) && $this->get_type_setting('use_excerpt') == 'required') {
         // Excerpt must be entered
         param_check_not_empty('post_excerpt', T_('Please provide an excerpt.'), '');
     }
     // LOCATION (COUNTRY -> CITY):
     load_funcs('regional/model/_regional.funcs.php');
     // Check if this item has a special post type. Location is not required for special posts.
     $not_special_post = !$this->is_special();
     // NOTE(review): $country_ID, $region_ID and $subregion_ID are only assigned inside their
     // own *_visible() branch but are read by the branches that follow; if a lower level is
     // visible while a higher one is not, the later branch reads an undefined variable.
     // Confirm the visibility settings make that combination impossible.
     if ($this->country_visible()) {
         // Save country
         $country_ID = param('item_ctry_ID', 'integer', 0);
         $country_is_required = $this->get_type_setting('use_country') == 'required' && $not_special_post && countries_exist();
         param_check_number('item_ctry_ID', T_('Please select a country'), $country_is_required);
         $this->set_from_Request('ctry_ID', 'item_ctry_ID', true);
     }
     if ($this->region_visible()) {
         // Save region
         $region_ID = param('item_rgn_ID', 'integer', 0);
         $region_is_required = $this->get_type_setting('use_region') == 'required' && $not_special_post && regions_exist($country_ID);
         param_check_number('item_rgn_ID', T_('Please select a region'), $region_is_required);
         $this->set_from_Request('rgn_ID', 'item_rgn_ID', true);
     }
     if ($this->subregion_visible()) {
         // Save subregion
         $subregion_ID = param('item_subrg_ID', 'integer', 0);
         $subregion_is_required = $this->get_type_setting('use_sub_region') == 'required' && $not_special_post && subregions_exist($region_ID);
         param_check_number('item_subrg_ID', T_('Please select a sub-region'), $subregion_is_required);
         $this->set_from_Request('subrg_ID', 'item_subrg_ID', true);
     }
     if ($this->city_visible()) {
         // Save city
         param('item_city_ID', 'integer', 0);
         $city_is_required = $this->get_type_setting('use_city') == 'required' && $not_special_post && cities_exist($country_ID, $region_ID, $subregion_ID);
         param_check_number('item_city_ID', T_('Please select a city'), $city_is_required);
         $this->set_from_Request('city_ID', 'item_city_ID', true);
     }
     // True only when none of the param_error()/param_check_*() calls above recorded an error.
     return !param_errors_detected();
 }
Ejemplo n.º 3
     if (in_array($action, array('new_type', 'edit_type'))) {
         // Form to change post type
         $AdminUI->disp_view('items/views/_item_edit_type.form.php');
     } else {
         // Form to edit item
         $AdminUI->disp_view('items/views/_item_expert.form.php');
     }
     // End payload block:
     $AdminUI->disp_payload_end();
     break;
 case 'new_mass':
     // Begin payload block:
     $AdminUI->disp_payload_begin();
     // We never allow HTML in titles, so we always encode and decode special chars.
     $item_title = htmlspecialchars_decode($edited_Item->title);
     $item_content = prepare_item_content($edited_Item->content);
     if (!$edited_Item->get_type_setting('allow_html')) {
         // HTML is disallowed for this post, content is encoded in DB and we need to decode it for editing:
         $item_content = htmlspecialchars_decode($item_content);
     }
     // Format content for editing, if we were not already in editing...
     $Plugins_admin =& get_Plugins_admin();
     $edited_Item->load_Blog();
     $params = array('object_type' => 'Item', 'object_Blog' => &$edited_Item->Blog);
     $Plugins_admin->unfilter_contents($item_title, $item_content, $edited_Item->get_renderers_validated(), $params);
     $AdminUI->disp_view('items/views/_item_mass.form.php');
     // End payload block:
     $AdminUI->disp_payload_end();
     break;
 case 'view':
 case 'delete':