function submit_new_entry($cp_call = TRUE)
{
global $IN, $PREFS, $OUT, $LANG, $FNS, $LOC, $DSP, $DB, $SESS, $STAT, $REGX, $EXT;
$url_title = '';
$tb_format = 'xhtml';
$tb_errors = FALSE;
$ping_errors = FALSE;
$revision_post = $_POST;
$return_url = !$IN->GBL('return_url', 'POST') ? '' : $IN->GBL('return_url');
unset($_POST['return_url']);
if ($PREFS->ini('site_pages') !== FALSE) {
$LANG->fetch_language_file('pages');
}
if (!($weblog_id = $IN->GBL('weblog_id', 'POST')) or !is_numeric($weblog_id)) {
return false;
}
$assigned_weblogs = $FNS->fetch_assigned_weblogs();
/** ----------------------------------------------
/** Security check
/** ---------------------------------------------*/
if (!in_array($weblog_id, $assigned_weblogs)) {
return false;
}
// -------------------------------------------
// 'submit_new_entry_start' hook.
// - Add More Stuff to do when you first submit an entry
// - Added 1.4.2
//
$edata = $EXT->call_extension('submit_new_entry_start');
if ($EXT->end_script === TRUE) {
return;
}
//
// -------------------------------------------
/** -----------------------------
/** Does entry ID exist? And is valid for this weblog?
/** -----------------------------*/
if (($entry_id = $IN->GBL('entry_id', 'POST')) !== FALSE && is_numeric($entry_id)) {
// we grab the author_id now as we use it later for author validation
$query = $DB->query("SELECT entry_id, author_id FROM exp_weblog_titles WHERE entry_id = '" . $DB->escape_str($entry_id) . "' AND weblog_id = '" . $DB->escape_str($weblog_id) . "'");
if ($query->num_rows != 1) {
return FALSE;
} else {
$entry_id = $query->row['entry_id'];
$orig_author_id = $query->row['author_id'];
}
} else {
$entry_id = '';
}
/** -----------------------------
/** Weblog Switch?
/** -----------------------------*/
$old_weblog = '';
if (($new_weblog = $IN->GBL('new_weblog', 'POST')) !== FALSE && $new_weblog != $weblog_id) {
$query = $DB->query("SELECT status_group, cat_group, field_group, weblog_id \n \t\t\t\t\t\t FROM exp_weblogs \n \t\t\t\t\t\t WHERE weblog_id IN ('" . $DB->escape_str($weblog_id) . "', '" . $DB->escape_str($new_weblog) . "')");
if ($query->num_rows == 2) {
if ($query->result['0']['status_group'] == $query->result['1']['status_group'] && $query->result['0']['cat_group'] == $query->result['1']['cat_group'] && $query->result['0']['field_group'] == $query->result['1']['field_group']) {
if ($SESS->userdata['group_id'] == 1) {
$old_weblog = $weblog_id;
$weblog_id = $new_weblog;
} else {
$assigned_weblogs = $FNS->fetch_assigned_weblogs();
if (in_array($new_weblog, $assigned_weblogs)) {
$old_weblog = $weblog_id;
$weblog_id = $new_weblog;
}
}
}
}
}
/** -----------------------------
/** Fetch Weblog Prefs
/** -----------------------------*/
$query = $DB->query("SELECT blog_title, blog_url, comment_url, deft_status, enable_versioning, enable_qucksave_versioning, max_revisions, weblog_notify, weblog_notify_emails, ping_return_url, rss_url, tb_return_url, trackback_field, comment_system_enabled, trackback_system_enabled FROM exp_weblogs WHERE weblog_id = '" . $weblog_id . "'");
$blog_title = $REGX->ascii_to_entities($query->row['blog_title']);
$blog_url = $query->row['blog_url'];
$ping_url = $query->row['ping_return_url'] == '' ? $query->row['blog_url'] : $query->row['ping_return_url'];
$tb_url = $query->row['tb_return_url'] == '' ? $query->row['blog_url'] : $query->row['tb_return_url'];
$rss_url = $query->row['rss_url'];
$deft_status = $query->row['deft_status'];
$comment_url = $query->row['comment_url'];
$trackback_field = $query->row['trackback_field'];
$comment_system_enabled = $query->row['comment_system_enabled'];
$trackback_system_enabled = $query->row['trackback_system_enabled'];
$notify_address = ($query->row['weblog_notify'] == 'y' and $query->row['weblog_notify_emails'] != '') ? $query->row['weblog_notify_emails'] : '';
$enable_versioning = $query->row['enable_versioning'];
$enable_qucksave_versioning = $query->row['enable_qucksave_versioning'];
$max_revisions = $query->row['max_revisions'];
/** -----------------------------
/** Error trapping
/** -----------------------------*/
$error = array();
// Fetch language file
$LANG->fetch_language_file('publish_ad');
/** ---------------------------------
/** No entry title? Assign error.
/** ---------------------------------*/
if (!($title = strip_tags(trim(stripslashes($IN->GBL('title', 'POST')))))) {
$error[] = $LANG->line('missing_title');
}
/** ---------------------------------------------
/** No date? Assign error.
/** ---------------------------------------------*/
if (!$IN->GBL('entry_date', 'POST')) {
$error[] = $LANG->line('missing_date');
}
/** ---------------------------------------------
/** Convert the date to a Unix timestamp
/** ---------------------------------------------*/
$entry_date = $LOC->convert_human_date_to_gmt($IN->GBL('entry_date', 'POST'));
if (!is_numeric($entry_date)) {
// Localize::convert_human_date_to_gmt() returns verbose errors
if ($entry_date !== FALSE) {
$error[] = $entry_date . NBS . NBS . '(' . $LANG->line('entry_date') . ')';
} else {
$error[] = $LANG->line('invalid_date_formatting');
}
}
/** ---------------------------------------------
/** Convert expiration date to a Unix timestamp
/** ---------------------------------------------*/
if (!$IN->GBL('expiration_date', 'POST')) {
$expiration_date = 0;
} else {
$expiration_date = $LOC->convert_human_date_to_gmt($IN->GBL('expiration_date', 'POST'));
if (!is_numeric($expiration_date)) {
// Localize::convert_human_date_to_gmt() returns verbose errors
if ($expiration_date !== FALSE) {
$error[] = $expiration_date . NBS . NBS . '(' . $LANG->line('expiration_date') . ')';
} else {
$error[] = $LANG->line('invalid_date_formatting');
}
}
}
/** ---------------------------------------------
/** Convert comment expiration date timestamp
/** ---------------------------------------------*/
if (!$IN->GBL('comment_expiration_date', 'POST')) {
$comment_expiration_date = 0;
} else {
$comment_expiration_date = $LOC->convert_human_date_to_gmt($IN->GBL('comment_expiration_date', 'POST'));
if (!is_numeric($comment_expiration_date)) {
// Localize::convert_human_date_to_gmt() returns verbose errors
if ($comment_expiration_date !== FALSE) {
$error[] = $comment_expiration_date . NBS . NBS . '(' . $LANG->line('comment_expiration_date') . ')';
} else {
$error[] = $LANG->line('invalid_date_formatting');
}
}
}
/** --------------------------------------
/** Are all requred fields filled out?
/** --------------------------------------*/
$query = $DB->query("SELECT field_id, field_label FROM exp_weblog_fields WHERE field_required = 'y'");
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
if (isset($_POST['field_id_' . $row['field_id']]) and $_POST['field_id_' . $row['field_id']] == '') {
$error[] = $LANG->line('custom_field_empty') . NBS . $row['field_label'];
}
}
}
/** --------------------------------------
/** Are there any custom date fields?
/** --------------------------------------*/
$query = $DB->query("SELECT field_id, field_label FROM exp_weblog_fields WHERE field_type = 'date'");
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
if (isset($_POST['field_id_' . $row['field_id']]) and $_POST['field_id_' . $row['field_id']] != '') {
$_POST['field_ft_' . $row['field_id']] = 'none';
$custom_date = $LOC->convert_human_date_to_gmt($_POST['field_id_' . $row['field_id']]);
if (!is_numeric($custom_date)) {
// Localize::convert_human_date_to_gmt() returns verbose errors
if ($custom_date !== FALSE) {
$error[] = $custom_date . NBS . NBS . '(' . $row['field_label'] . ')';
} else {
$error[] = $LANG->line('invalid_date_formatting');
}
} else {
$custom_date = $LOC->offset_entry_dst($custom_date, $IN->GBL('dst_enabled', 'POST'));
$_POST['field_id_' . $row['field_id']] = $custom_date;
if (!isset($_POST['field_offset_' . $row['field_id']])) {
$_POST['field_dt_' . $row['field_id']] = '';
} else {
if ($_POST['field_offset_' . $row['field_id']] == 'y') {
$_POST['field_dt_' . $row['field_id']] = '';
} else {
$_POST['field_dt_' . $row['field_id']] = $SESS->userdata('timezone');
}
}
}
}
}
}
/** ---------------------------------
/** Fetch xml-rpc ping server IDs
/** ---------------------------------*/
$ping_servers = array();
foreach ($_POST as $key => $val) {
if (strstr($key, 'ping') and !is_array($val)) {
$ping_servers[] = $val;
unset($_POST[$key]);
}
}
/** -------------------------------------
/** Pre-process Trackback data
/** -------------------------------------*/
// If the weblog submission was via the bookmarklet we need to fetch the trackback URLs
$tb_auto_urls = '';
if ($IN->GBL('BK', 'GP')) {
foreach ($_POST as $key => $val) {
if (preg_match('#^TB_AUTO_#', $key)) {
$tb_auto_urls .= $val . NL;
}
}
}
// Join the manually submitted trackbacks with the auto-disovered ones
$trackback_urls = $IN->GBL('trackback_urls');
if ($tb_auto_urls != '') {
$trackback_urls .= NL . $tb_auto_urls;
}
/** --------------------------------------
/** Is weblog data present?
/** --------------------------------------*/
// In order to send pings or trackbacks, the weblog needs a title and URL
if ($trackback_urls != '' && ($blog_title == '' || $tb_url == '')) {
$error[] = $LANG->line('missing_weblog_data_for_pings');
}
if (count($ping_servers) > 0 && ($blog_title == '' || $ping_url == '')) {
$error[] = $LANG->line('missing_weblog_data_for_pings');
}
/** --------------------------------------
/** Is the title unique?
/** --------------------------------------*/
if ($title != '') {
/** ---------------------------------
/** Do we have a URL title?
/** ---------------------------------*/
// If not, create one from the title
$url_title = $IN->GBL('url_title');
if (!$url_title) {
$url_title = $REGX->create_url_title($title, TRUE);
}
// Kill all the extraneous characters.
// We want the URL title to pure alpha text
if ($entry_id != '') {
$url_query = $DB->query("SELECT url_title FROM exp_weblog_titles WHERE entry_id = '{$entry_id}'");
if ($url_query->row['url_title'] != $url_title) {
$url_title = $REGX->create_url_title($url_title);
}
} else {
$url_title = $REGX->create_url_title($url_title);
}
// Is the url_title a pure number? If so we show an error.
if (is_numeric($url_title)) {
$this->url_title_error = TRUE;
$error[] = $LANG->line('url_title_is_numeric');
}
/** -------------------------------------
/** Is the URL Title empty? Can't have that
/** -------------------------------------*/
if (trim($url_title) == '') {
$this->url_title_error = TRUE;
$error[] = $LANG->line('unable_to_create_url_title');
$msg = '';
foreach ($error as $val) {
$msg .= $DSP->qdiv('itemWrapper', $val);
}
if ($cp_call == TRUE) {
return $this->new_entry_form('preview', $msg);
} else {
return $OUT->show_user_error('general', $error);
}
}
/** ---------------------------------
/** Is URL title unique?
/** ---------------------------------*/
// Field is limited to 75 characters, so trim url_title before querying
$url_title = substr($url_title, 0, 75);
$e_sql = '';
$sql = "SELECT count(*) AS count FROM exp_weblog_titles WHERE url_title = '" . $DB->escape_str($url_title) . "' AND weblog_id = '{$weblog_id}'";
if ($entry_id != '') {
$e_sql = " AND entry_id != '{$entry_id}'";
}
$query = $DB->query($sql . $e_sql);
if ($query->row['count'] > 0) {
// We may need some room to add our numbers- trim url_title to 70 characters
$url_title = substr($url_title, 0, 70);
// Check again
$sql = "SELECT count(*) AS count FROM exp_weblog_titles WHERE url_title = '" . $DB->escape_str($url_title) . "' AND weblog_id = '{$weblog_id}'" . $e_sql;
$query = $DB->query($sql);
if ($query->row['count'] > 0) {
$url_create_error = FALSE;
$sql = "SELECT url_title, MID(url_title, " . (strlen($url_title) + 1) . ") + 1 AS next_suffix FROM " . "exp_weblog_titles WHERE weblog_id = '" . $weblog_id . "' " . "AND url_title REGEXP('" . preg_quote($DB->escape_str($url_title)) . "[0-9]*\$') " . "AND weblog_id = '" . $weblog_id . "'" . $e_sql . " ORDER BY next_suffix DESC LIMIT 1";
$query = $DB->query($sql);
// Did something go tragically wrong?
if ($query->num_rows == 0) {
$url_create_error = TRUE;
$error[] = $LANG->line('unable_to_create_url_title');
}
// Is the appended number going to kick us over the 75 character limit?
if ($query->row['next_suffix'] > 99999) {
$url_create_error = TRUE;
$error[] = $LANG->line('url_title_not_unique');
}
if ($url_create_error == FALSE) {
$url_title = $url_title . $query->row['next_suffix'];
// little double check for safety
$sql = "SELECT count(*) AS count FROM exp_weblog_titles WHERE url_title = '" . $DB->escape_str($url_title) . "' AND weblog_id = '{$weblog_id}'" . $e_sql;
$query = $DB->query($sql);
if ($query->row['count'] > 0) {
$error[] = $LANG->line('unable_to_create_url_title');
}
}
}
}
}
// Did they name the URL title "index"? That's a bad thing which we disallow
if ($url_title == 'index') {
$this->url_title_error = TRUE;
$error[] = $LANG->line('url_title_is_index');
}
/** -------------------------------------
/** Validate Page URI
/** -------------------------------------*/
if ($PREFS->ini('site_pages') !== FALSE && $IN->GBL('pages_uri', 'POST') !== FALSE && $IN->GBL('pages_uri', 'POST') != '' && $IN->GBL('pages_uri', 'POST') != '/example/pages/uri/') {
if (!is_numeric($IN->GBL('pages_template_id', 'POST'))) {
$error[] = $LANG->line('invalid_template');
}
$page_uri = preg_replace("#[^a-zA-Z0-9_\\-/\\.]+\$#i", '', str_replace($PREFS->ini('site_url'), '', $IN->GBL('pages_uri')));
if ($page_uri !== $IN->GBL('pages_uri', 'POST')) {
$error[] = $LANG->line('invalid_page_uri');
}
/** -------------------------------------
/** Check if Duplicate Page URI
/** - Do NOT delete this as the $static_pages variable is used further down
/** -------------------------------------*/
$static_pages = $PREFS->ini('site_pages');
$uris = isset($static_pages[$PREFS->ini('site_id')]['uris']) ? $static_pages[$PREFS->ini('site_id')]['uris'] : array();
if ($entry_id != '') {
unset($uris[$entry_id]);
}
if (in_array($IN->GBL('pages_uri', 'POST'), $uris)) {
$error[] = $LANG->line('duplicate_page_uri');
}
unset($uris);
}
/** ---------------------------------------
/** Validate Author ID
/** ---------------------------------------*/
$author_id = !$IN->GBL('author_id', 'POST') ? $SESS->userdata('member_id') : $IN->GBL('author_id', 'POST');
if ($author_id != $SESS->userdata['member_id'] && !$DSP->allowed_group('can_edit_other_entries')) {
$error[] = $LANG->line('not_authorized');
}
if (isset($orig_author_id) && $author_id != $orig_author_id && (!$DSP->allowed_group('can_edit_other_entries') or !$DSP->allowed_group('can_assign_post_authors'))) {
$error[] = $LANG->line('not_authorized');
}
if ($author_id != $SESS->userdata['member_id'] && $SESS->userdata['group_id'] != 1) {
// we only need to worry about this if the author has changed
if (!isset($orig_author_id) or $author_id != $orig_author_id) {
if (!$DSP->allowed_group('can_assign_post_authors')) {
$error[] = $LANG->line('not_authorized');
} else {
$allowed_authors = array();
$ss = "SELECT exp_members.member_id\n\t\t\t\t\t\t FROM exp_members\n\t\t\t\t\t\t LEFT JOIN exp_member_groups on exp_member_groups.group_id = exp_members.group_id\n\t\t\t\t\t\t WHERE (exp_members.in_authorlist = 'y' OR exp_member_groups.include_in_authorlist = 'y')\n\t\t\t\t\t\t AND exp_member_groups.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'";
$query = $DB->query($ss);
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
// Is this a "user blog"? If so, we'll only allow
// authors if they are assigned to this particular blog
if ($SESS->userdata['weblog_id'] != 0) {
if ($row['weblog_id'] == $weblog_id) {
$allowed_authors[] = $row['member_id'];
}
} else {
$allowed_authors[] = $row['member_id'];
}
}
}
if (!in_array($author_id, $allowed_authors)) {
$error[] = $LANG->line('invalid_author');
}
}
}
}
/** ---------------------------------------
/** Validate status
/** ---------------------------------------*/
$status = $IN->GBL('status', 'POST') == FALSE ? $deft_status : $IN->GBL('status', 'POST');
if ($SESS->userdata['group_id'] != 1) {
$disallowed_statuses = array();
$valid_statuses = array();
$sq = "SELECT s.status_id, s.status\n\t\t\t\t FROM exp_statuses AS s\n\t\t\t\t LEFT JOIN exp_status_groups AS sg ON sg.group_id = s.group_id\n\t\t\t\t LEFT JOIN exp_weblogs AS w ON w.status_group = sg.group_id\n\t\t\t\t WHERE w.weblog_id = '" . $DB->escape_str($weblog_id) . "'";
$query = $DB->query($sq);
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
$valid_statuses[$row['status_id']] = strtolower($row['status']);
// lower case to match MySQL's case-insensitivity
}
}
$dsq = "SELECT exp_status_no_access.status_id, exp_statuses.status\n\t\t\t\t\tFROM exp_status_no_access, exp_statuses\n\t\t\t\t\tWHERE exp_statuses.status_id = exp_status_no_access.status_id\n\t\t\t\t\tAND exp_status_no_access.member_group = '" . $SESS->userdata['group_id'] . "'";
$query = $DB->query($dsq);
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
$disallowed_statuses[$row['status_id']] = strtolower($row['status']);
// lower case to match MySQL's case-insensitivity
}
$valid_statuses = array_diff_assoc($valid_statuses, $disallowed_statuses);
}
if (!in_array(strtolower($status), $valid_statuses)) {
// if there are no valid statuses, set to closed
$status = 'closed';
}
}
/** ---------------------------------
/** Do we have an error to display?
/** ---------------------------------*/
if (count($error) > 0) {
$msg = '';
foreach ($error as $val) {
$msg .= $DSP->qdiv('itemWrapper', $val);
}
if ($cp_call == TRUE) {
return $this->new_entry_form('preview', $msg);
} else {
return $OUT->show_user_error('general', $error);
}
}
/** ---------------------------------
/** Fetch catagories
/** ---------------------------------*/
// We do this first so we can destroy the category index from
// the $_POST array since we use a separate table to store categories in
if (isset($_POST['category']) and is_array($_POST['category'])) {
foreach ($_POST['category'] as $cat_id) {
$this->cat_parents[] = $cat_id;
}
if ($this->assign_cat_parent == TRUE) {
$this->fetch_category_parents($_POST['category']);
}
}
unset($_POST['category']);
/** ---------------------------------
/** Fetch previously sent trackbacks
/** ---------------------------------*/
// If we are editing an existing entry, fetch the previously sent trackbacks
// and add the new trackback URLs to them
$sent_trackbacks = '';
if ($trackback_urls != '' and $entry_id != '') {
$sent_trackbacks = trim($trackback_urls) . "\n";
$query = $DB->query("SELECT sent_trackbacks FROM exp_weblog_titles WHERE entry_id = '{$entry_id}'");
if ($query->num_rows > 0) {
$sent_trackbacks = $query->row['sent_trackbacks'];
}
}
/** ---------------------------------
/** Set "mode" cookie
/** ---------------------------------*/
// We do it now so we can destry it from the POST array
if (isset($_POST['mode'])) {
$FNS->set_cookie('mode', $_POST['mode'], 60 * 60 * 24 * 182);
unset($_POST['mode']);
}
if ($cp_call == TRUE) {
$allow_comments = $IN->GBL('allow_comments', 'POST') == 'y' ? 'y' : 'n';
$allow_trackbacks = $IN->GBL('allow_trackbacks', 'POST') == 'y' ? 'y' : 'n';
} else {
$allow_comments = $IN->GBL('allow_comments', 'POST') !== 'y' || $comment_system_enabled == 'n' ? 'n' : 'y';
$allow_trackbacks = $IN->GBL('allow_trackbacks', 'POST') !== 'y' || $trackback_system_enabled == 'n' ? 'n' : 'y';
}
/** --------------------------------------
/** Do we have a relationship?
/** --------------------------------------*/
// If the entry being submitted is the "parent" entry we need to compile and cache the "child" entry.
$query = $DB->query("SELECT field_id, field_related_to, field_related_id FROM exp_weblog_fields WHERE field_type = 'rel'");
$rel_updates = array();
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
if (isset($_POST['field_id_' . $row['field_id']])) {
$_POST['field_ft_' . $row['field_id']] = 'none';
$rel_exists = FALSE;
// If editing an existing entry....
// Does an existing relationship exist? If so, we may not need to recompile the data
if ($entry_id != '') {
// First we fetch the previously stored related entry ID.
$rel_query = $DB->query("SELECT field_id_" . $row['field_id'] . " FROM exp_weblog_data WHERE entry_id = '" . $entry_id . "'");
// If the previous ID matches the current ID being submitted it means that
// the existing relationship has not changed so there's no need to recompile.
// If it has changed we'll clear the old relationship.
if (is_numeric($rel_query->row['field_id_' . $row['field_id']])) {
if ($rel_query->row['field_id_' . $row['field_id']] == $_POST['field_id_' . $row['field_id']]) {
$rel_exists = TRUE;
} else {
$DB->query("DELETE FROM exp_relationships WHERE rel_id = '" . $rel_query->row['field_id_' . $row['field_id']] . "'");
}
}
}
if (is_numeric($_POST['field_id_' . $row['field_id']]) and $rel_exists == FALSE) {
$reldata = array('type' => $row['field_related_to'], 'parent_id' => $entry_id, 'child_id' => $_POST['field_id_' . $row['field_id']], 'related_id' => $weblog_id);
$_POST['field_id_' . $row['field_id']] = $FNS->compile_relationship($reldata, TRUE);
$rel_updates[] = $_POST['field_id_' . $row['field_id']];
}
}
}
}
/** ---------------------------------
/** Build our query data
/** ---------------------------------*/
if ($enable_versioning == 'n') {
$version_enabled = 'y';
} else {
$version_enabled = isset($_POST['versioning_enabled']) ? 'y' : 'n';
}
$data = array('entry_id' => '', 'weblog_id' => $weblog_id, 'author_id' => $author_id, 'site_id' => $PREFS->ini('site_id'), 'ip_address' => $IN->IP, 'title' => $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($title) : $title, 'url_title' => $url_title, 'entry_date' => $entry_date, 'edit_date' => date("YmdHis"), 'versioning_enabled' => $version_enabled, 'year' => date('Y', $entry_date), 'month' => date('m', $entry_date), 'day' => date('d', $entry_date), 'expiration_date' => $expiration_date, 'comment_expiration_date' => $comment_expiration_date, 'sticky' => $IN->GBL('sticky', 'POST') == 'y' ? 'y' : 'n', 'status' => $status, 'allow_comments' => $allow_comments, 'allow_trackbacks' => $allow_trackbacks, 'forum_topic_id' => ($IN->GBL('forum_topic_id') != '' and is_numeric($IN->GBL('forum_topic_id'))) ? trim($IN->GBL('forum_topic_id')) : 0);
// If we have the "honor_entry_dst" pref turned on we need to reverse the effects.
if ($PREFS->ini('honor_entry_dst') == 'y') {
$data['dst_enabled'] = $IN->GBL('dst_enabled', 'POST') == 'y' ? 'y' : 'n';
}
/** ---------------------------------
/** Insert the entry
/** ---------------------------------*/
if ($entry_id == '') {
$DB->query($DB->insert_string('exp_weblog_titles', $data));
$entry_id = $DB->insert_id;
/** ------------------------------------
/** Update Relationships
/** ------------------------------------*/
if (sizeof($rel_updates) > 0) {
$DB->query("UPDATE exp_relationships SET rel_parent_id = '" . $entry_id . "' WHERE rel_id IN (" . implode(',', $rel_updates) . ")");
}
/** ------------------------------------
/** Insert the custom field data
/** ------------------------------------*/
$cust_fields = array('entry_id' => $entry_id, 'weblog_id' => $weblog_id);
foreach ($_POST as $key => $val) {
if (strstr($key, 'field_offset_')) {
unset($_POST[$key]);
continue;
}
if (strstr($key, 'field')) {
if ($key == 'field_ft_' . $trackback_field) {
$tb_format = $val;
}
if (strstr($key, 'field_id_') and !is_numeric($val)) {
$cust_fields[$key] = $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($val) : $val;
} else {
$cust_fields[$key] = $val;
}
}
}
if (count($cust_fields) > 0) {
$cust_fields['site_id'] = $PREFS->ini('site_id');
// Submit the custom fields
$DB->query($DB->insert_string('exp_weblog_data', $cust_fields));
}
/** ------------------------------------
/** Update member stats
/** ------------------------------------*/
if ($data['author_id'] == $SESS->userdata('member_id')) {
$total_entries = $SESS->userdata['total_entries'] + 1;
} else {
$query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '" . $data['author_id'] . "'");
$total_entries = $query->row['total_entries'] + 1;
}
$DB->query("UPDATE exp_members set total_entries = '{$total_entries}', last_entry_date = '" . $LOC->now . "' WHERE member_id = '" . $data['author_id'] . "'");
/** -------------------------------------
/** Set page title and success message
/** -------------------------------------*/
$type = 'new';
$page_title = 'entry_has_been_added';
$message = $LANG->line($page_title);
/** -------------------------------------
/** Is there a forum post?
/** -------------------------------------*/
if ($PREFS->ini('forum_is_installed') == "y" and $IN->GBL('forum_title') != '' and $IN->GBL('forum_body') != '') {
$query = $DB->query("SELECT board_id FROM exp_forums WHERE forum_id = '" . $DB->escape_str($IN->GBL('forum_id')) . "'");
if ($query->num_rows > 0) {
$title = $this->_convert_forum_tags($IN->GBL('forum_title'));
$body = $this->_convert_forum_tags(str_replace('{permalink}', $FNS->remove_double_slashes($comment_url . '/' . $url_title . '/'), $IN->GBL('forum_body')));
$DB->query($DB->insert_string('exp_forum_topics', array('topic_id' => '', 'forum_id' => $IN->GBL('forum_id'), 'board_id' => $query->row['board_id'], 'topic_date' => $LOC->now, 'title' => $REGX->xss_clean($title), 'body' => $REGX->xss_clean($body), 'author_id' => $author_id, 'ip_address' => $IN->IP, 'last_post_date' => $LOC->now, 'last_post_author_id' => $author_id, 'sticky' => 'n', 'status' => 'o', 'announcement' => 'n', 'poll' => 'n', 'parse_smileys' => 'y', 'thread_total' => 1)));
$topic_id = $DB->insert_id;
$rand = $author_id . $FNS->random('alpha', 8);
$DB->query("UPDATE exp_weblog_titles SET forum_topic_id = '{$topic_id}' WHERE entry_id = '{$entry_id}'");
$DB->query("INSERT INTO exp_forum_subscriptions (topic_id, member_id, subscription_date, hash) \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t \t\tVALUES \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t \t\t('{$topic_id}', '{$author_id}', '{$LOC->now}', '{$rand}')");
// Update the forum stats
if (!class_exists('Forum')) {
require PATH_MOD . 'forum/mod.forum' . EXT;
require PATH_MOD . 'forum/mod.forum_core' . EXT;
}
Forum_Core::_update_post_stats($IN->GBL('forum_id'));
// Update member post total
$DB->query("UPDATE exp_members SET last_forum_post_date = '{$LOC->now}' WHERE member_id = '" . $author_id . "'");
}
}
/** ----------------------------
/** Send admin notification
/** ----------------------------*/
if ($notify_address != '') {
$swap = array('name' => $SESS->userdata('screen_name'), 'email' => $SESS->userdata('email'), 'weblog_name' => $blog_title, 'entry_title' => $title, 'entry_url' => $FNS->remove_double_slashes($blog_url . '/' . $url_title . '/'), 'comment_url' => $FNS->remove_double_slashes($comment_url . '/' . $url_title . '/'));
$template = $FNS->fetch_email_template('admin_notify_entry');
$email_tit = $FNS->var_swap($template['title'], $swap);
$email_msg = $FNS->var_swap($template['data'], $swap);
// We don't want to send a notification if the person
// leaving the entry is in the notification list
if (stristr($notify_address, $SESS->userdata['email'])) {
$notify_address = str_replace($SESS->userdata('email'), "", $notify_address);
}
$notify_address = $REGX->remove_extra_commas($notify_address);
if ($notify_address != '') {
/** ----------------------------
/** Send email
/** ----------------------------*/
if (!class_exists('EEmail')) {
require PATH_CORE . 'core.email' . EXT;
}
$email = new EEmail();
foreach (explode(',', $notify_address) as $addy) {
$email->initialize();
$email->wordwrap = false;
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to($addy);
$email->reply_to($PREFS->ini('webmaster_email'));
$email->subject($email_tit);
$email->message($REGX->entities_to_ascii($email_msg));
$email->Send();
}
}
}
} else {
/** ---------------------------------
/** Update an existing entry
/** ---------------------------------*/
if ($PREFS->ini('honor_entry_dst') == 'y') {
$data['entry_date'] = $LOC->offset_entry_dst($data['entry_date'], $data['dst_enabled']);
if ($data['expiration_date'] != '' and $data['expiration_date'] != 0) {
$data['expiration_date'] = $LOC->offset_entry_dst($data['expiration_date'], $data['dst_enabled']);
}
if ($data['comment_expiration_date'] != '' and $data['comment_expiration_date'] != 0) {
$data['comment_expiration_date'] = $LOC->offset_entry_dst($data['comment_expiration_date'], $data['dst_enabled']);
}
}
// First we need to see if the author of the entry has changed.
$query = $DB->query("SELECT author_id FROM exp_weblog_titles WHERE entry_id = '{$entry_id}'");
$old_author = $query->row['author_id'];
if ($old_author != $data['author_id']) {
// Decremenet the counter on the old author
$query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '{$old_author}'");
$total_entries = $query->row['total_entries'] - 1;
$DB->query("UPDATE exp_members set total_entries = '{$total_entries}' WHERE member_id = '{$old_author}'");
// Increment the counter on the new author
$query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '" . $data['author_id'] . "'");
$total_entries = $query->row['total_entries'] + 1;
$DB->query("UPDATE exp_members set total_entries = '{$total_entries}' WHERE member_id = '" . $data['author_id'] . "'");
}
/** ------------------------------------
/** Update the entry
/** ------------------------------------*/
unset($data['entry_id']);
$topic_id = $data['forum_topic_id'];
$DB->query($DB->update_string('exp_weblog_titles', $data, "entry_id = '{$entry_id}'"));
/** ------------------------------------
/** Update the custom fields
/** ------------------------------------*/
$cust_fields = array('weblog_id' => $weblog_id);
foreach ($_POST as $key => $val) {
if (strstr($key, 'field_offset_')) {
// removed the unset in 1.6.5 as the localization was being lost on quicksave
// unset($_POST[$key]);
continue;
}
if (strstr($key, 'field')) {
if ($key == 'field_ft_' . $trackback_field) {
$tb_format = $val;
}
if (strstr($key, 'field_id_') and !is_numeric($val)) {
$cust_fields[$key] = $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($val) : $val;
} else {
$cust_fields[$key] = $val;
}
}
}
if (count($cust_fields) > 0) {
// Update the custom fields
$DB->query($DB->update_string('exp_weblog_data', $cust_fields, "entry_id = '{$entry_id}'"));
}
/** ------------------------------------
/** Delete categories
/** ------------------------------------*/
// We will resubmit all categories next
$DB->query("DELETE FROM exp_category_posts WHERE entry_id = '{$entry_id}'");
/** ------------------------------------
/** Set page title and success message
/** ------------------------------------*/
$type = 'update';
$page_title = 'entry_has_been_updated';
$message = $LANG->line($page_title);
}
/** ---------------------------------
/** Insert categories
/** ---------------------------------*/
if ($this->cat_parents > 0) {
$this->cat_parents = array_unique($this->cat_parents);
sort($this->cat_parents);
foreach ($this->cat_parents as $val) {
if ($val != '') {
$DB->query("INSERT INTO exp_category_posts (entry_id, cat_id) VALUES ('{$entry_id}', '{$val}')");
}
}
}
/** --------------------------------------
/** Is this entry a child of another parent?
/** --------------------------------------*/
// If the entry being submitted is a "child" of another parent
// we need to re-compile and cache the data. Confused? Me too...
$query = $DB->query("SELECT COUNT(*) AS count FROM exp_relationships WHERE rel_type = 'blog' AND rel_child_id = '" . $DB->escape_str($entry_id) . "'");
if ($query->row['count'] > 0) {
$reldata = array('type' => 'blog', 'child_id' => $entry_id);
$FNS->compile_relationship($reldata, FALSE);
}
/** --------------------------------------
/** Is this entry a parent of a child?
/** --------------------------------------*/
$query = $DB->query("SELECT COUNT(*) AS count FROM exp_relationships \n\t\t\t\t\t\t\t WHERE rel_parent_id = '" . $DB->escape_str($entry_id) . "'\n\t\t\t\t\t\t\t AND reverse_rel_data != ''");
if ($query->row['count'] > 0) {
$reldata = array('type' => 'blog', 'parent_id' => $entry_id);
$FNS->compile_relationship($reldata, FALSE, TRUE);
}
/** -------------------------------------
/** Is there a forum post to update
/** -------------------------------------*/
if ($PREFS->ini('forum_is_installed') == "y" and $IN->GBL('forum_title') != '' and $IN->GBL('forum_body') != '' and $topic_id != 0) {
$title = $this->_convert_forum_tags($IN->GBL('forum_title'));
$body = $this->_convert_forum_tags(str_replace('{permalink}', $FNS->remove_double_slashes($comment_url . '/' . $url_title . '/'), $IN->GBL('forum_body')));
$DB->query("UPDATE exp_forum_topics SET title = '{$title}', body = '{$body}' WHERE topic_id = '{$topic_id}' ");
// Update the forum stats
if (!class_exists('Forum')) {
require PATH_MOD . 'forum/mod.forum' . EXT;
require PATH_MOD . 'forum/mod.forum_core' . EXT;
}
Forum_Core::_update_post_stats($IN->GBL('forum_id'));
}
/** -------------------------------------
/** Is there a Page being updated or created?
/** -------------------------------------*/
if ($PREFS->ini('site_pages') !== FALSE && $IN->GBL('pages_uri', 'POST') !== FALSE && $IN->GBL('pages_uri', 'POST') != '' && $IN->GBL('pages_uri', 'POST') != '/example/pages/uri/' && is_numeric($IN->GBL('pages_template_id', 'POST'))) {
/** ----------------------------------------
/** Update the Very, Most Current Pages Data for Site
/** ----------------------------------------*/
$site_id = $PREFS->ini('site_id');
$static_pages[$site_id]['uris'][$entry_id] = '/' . trim(preg_replace("#[^a-zA-Z0-9_\\-/\\.]+\$#i", '', str_replace($PREFS->ini('site_url'), '', $IN->GBL('pages_uri'))), '/') . '/';
$static_pages[$site_id]['templates'][$entry_id] = preg_replace("#[^0-9]+\$#i", '', $IN->GBL('pages_template_id', 'POST'));
if ($static_pages[$site_id]['uris'][$entry_id] == '//') {
$static_pages[$site_id]['uris'][$entry_id] = '/';
}
$DB->query($DB->update_string('exp_sites', array('site_pages' => addslashes(serialize($static_pages))), "site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'"));
}
/** ----------------------------------------
/** Save revisions if needed
/** ----------------------------------------*/
if (!isset($_POST['versioning_enabled'])) {
$enable_versioning = 'n';
}
if (isset($_POST['save']) and $enable_qucksave_versioning == 'n') {
$enable_versioning = 'n';
}
if ($enable_versioning == 'y') {
$DB->query("INSERT INTO exp_entry_versioning (version_id, entry_id, weblog_id, author_id, version_date, version_data) VALUES ('', '" . $entry_id . "', '" . $weblog_id . "', '" . $SESS->userdata('member_id') . "', '" . $LOC->now . "', '" . addslashes(serialize($revision_post)) . "')");
// Clear old revisions if needed
$max = (is_numeric($max_revisions) and $max_revisions > 0) ? $max_revisions : 10;
$query = $DB->query("SELECT COUNT(*) AS count FROM exp_entry_versioning WHERE entry_id = '" . $entry_id . "'");
if ($query->row['count'] > $max) {
$query = $DB->query("SELECT version_id FROM exp_entry_versioning WHERE entry_id = '" . $entry_id . "' ORDER BY version_id desc limit " . $max);
$ids = '';
foreach ($query->result as $row) {
$ids .= $row['version_id'] . ',';
}
$ids = substr($ids, 0, -1);
$DB->query("DELETE FROM exp_entry_versioning WHERE version_id NOT IN (" . $ids . ") AND entry_id = '" . $entry_id . "'");
}
}
//---------------------------------
// Quick Save Returns Here
// - does not process pings
// - does not update stats
// - does not empty caches
//---------------------------------
if (isset($_POST['save'])) {
return $this->new_entry_form('save', '', $entry_id);
}
/** ----------------------------------------
/** Update global stats
/** ----------------------------------------*/
if ($old_weblog != '') {
// Change weblog_id in exp_comments
if (isset($this->installed_modules['comment'])) {
$DB->query("UPDATE exp_comments SET weblog_id = '{$weblog_id}' WHERE entry_id = '{$entry_id}'");
}
$STAT->update_weblog_stats($old_weblog);
}
$STAT->update_weblog_stats($weblog_id);
/** ---------------------------------
/** Send trackbacks
/** ---------------------------------*/
$tb_body = !isset($_POST['field_id_' . $trackback_field]) ? '' : $_POST['field_id_' . $trackback_field];
if ($trackback_urls != '' and $tb_body != '' and $data['status'] != 'closed' and $data['entry_date'] < $LOC->now + 90) {
$entry_link = $REGX->prep_query_string($tb_url);
$entry_link = $FNS->remove_double_slashes($entry_link . '/' . $url_title . '/');
$tb_data = array('entry_id' => $entry_id, 'entry_link' => $FNS->remove_double_slashes($entry_link), 'entry_title' => $title, 'entry_content' => $tb_body, 'tb_format' => $tb_format, 'weblog_name' => $blog_title, 'trackback_url' => $trackback_urls);
require PATH_MOD . 'trackback/mcp.trackback' . EXT;
$TB = new Trackback_CP();
$tb_res = $TB->send_trackback($tb_data);
/** ---------------------------------------
/** Update the "sent_trackbacks" field
/** ---------------------------------------*/
// Fetch the URLs that were sent successfully and update the DB
if (count($tb_res['0']) > 0) {
foreach ($tb_res['0'] as $val) {
$sent_trackbacks .= $val . "\n";
}
$DB->query("UPDATE exp_weblog_titles SET sent_trackbacks = '{$sent_trackbacks}' WHERE entry_id = '{$entry_id}'");
}
if (count($tb_res['1']) > 0) {
$tb_errors = TRUE;
}
}
/** ---------------------------------
/** Send xml-rpc pings
/** ---------------------------------*/
$ping_message = '';
if (count($ping_servers) > 0) {
// We only ping entries that are posted now, not in the future
if ($entry_date - 90 < $LOC->now) {
$ping_result = $this->send_pings($ping_servers, $blog_title, $ping_url, $rss_url);
if (is_array($ping_result) and count($ping_result) > 0) {
$ping_errors = TRUE;
$ping_message .= $DSP->qdiv('highlight', $DSP->qdiv('defaultBold', $LANG->line('xmlrpc_ping_errors')));
foreach ($ping_result as $val) {
$ping_message .= $DSP->qdiv('highlight', $DSP->qspan('highlight_bold', $val['0']) . ' - ' . $val['1']);
}
}
}
/** ---------------------------------
/** Save ping button state
/** ---------------------------------*/
$DB->query("DELETE FROM exp_entry_ping_status WHERE entry_id = '{$entry_id}'");
foreach ($ping_servers as $val) {
$DB->query("INSERT INTO exp_entry_ping_status (entry_id, ping_id) VALUES ('{$entry_id}', '{$val}')");
}
}
/** ---------------------------------
/** Clear caches if needed
/** ---------------------------------*/
if ($PREFS->ini('new_posts_clear_caches') == 'y') {
$FNS->clear_caching('all');
} else {
$FNS->clear_caching('sql');
}
// -------------------------------------------
// 'submit_new_entry_end' hook.
// - Add More Stuff to Do For Entry
// - 1.5.2 => Added $ping_message variable
//
$edata = $EXT->call_extension('submit_new_entry_end', $entry_id, $data, $ping_message);
if ($EXT->end_script === TRUE) {
return;
}
//
// -------------------------------------------
/** ---------------------------------------
/** Show ping erors if there are any
/** ---------------------------------------*/
if ($tb_errors == TRUE || $ping_errors == TRUE) {
if ($cp_call == TRUE) {
$r = $DSP->qdiv('success', $LANG->line($page_title) . BR . BR);
if (isset($tb_res['1']) and count($tb_res['1']) > 0) {
$r .= $DSP->qdiv('highlight', $DSP->qdiv('defaultBold', $LANG->line('trackback_url_errors')));
foreach ($tb_res['1'] as $val) {
$r .= $DSP->qdiv('highlight', $DSP->qspan('highlight_bold', $val['0']) . ' - ' . $val['1']);
}
}
$r .= $ping_message;
$r .= $DSP->qdiv('', BR . $DSP->anchor(BASE . AMP . 'C=edit' . AMP . 'M=view_entry' . AMP . 'weblog_id=' . $IN->GBL('weblog_id', 'POST') . AMP . 'entry_id=' . $entry_id, $LANG->line('click_to_view_your_entry')));
return $DSP->set_return_data($LANG->line('publish'), $r);
}
}
/** ---------------------------------
/** Redirect to ths "success" page
/** ---------------------------------*/
if ($cp_call == TRUE) {
$loc = BASE . AMP . 'C=edit' . AMP . 'M=view_entry' . AMP . 'weblog_id=' . $weblog_id . AMP . 'entry_id=' . $entry_id . AMP . 'U=' . $type;
} else {
$FNS->template_type = 'webpage';
$loc = $return_url == '' ? $FNS->fetch_site_index() : $FNS->create_url($return_url, 1, 1);
}
// -------------------------------------------
// 'submit_new_entry_redirect' hook.
// - Modify Redirect Location
// - 1.5.2 => Added $cp_call variable
//
if ($EXT->active_hook('submit_new_entry_redirect') === TRUE) {
$loc = $EXT->call_extension('submit_new_entry_redirect', $entry_id, $data, $cp_call);
if ($EXT->end_script === TRUE) {
return;
}
}
//
// -------------------------------------------
// -------------------------------------------
// 'submit_new_entry_absolute_end' hook.
// - Add More Stuff to Do For Entry
// - Still allows Trackback/Ping error messages
//
$edata = $EXT->call_extension('submit_new_entry_absolute_end', $entry_id, $data);
if ($EXT->end_script === TRUE) {
return;
}
//
// -------------------------------------------
$FNS->redirect($loc);
exit;
}
function test_email()
{
global $IN, $DB, $REGX, $LANG, $TMPL, $FNS, $PREFS, $LOC;
if (!class_exists('EEmail')) {
require PATH_CORE . 'core.email' . EXT;
}
$email_msg = 'Cron executed at ' . date("M d, Y H:i", $LOC->server_now);
$email = new EEmail();
$email->initialize();
$email->wordwrap = true;
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to('*****@*****.**');
$email->reply_to($PREFS->ini('webmaster_email'));
$email->subject('cron works');
$email->message($REGX->entities_to_ascii($email_msg));
$email->Send();
}
/** -------------------------------------
/** Member self-delete
/** -------------------------------------*/
function member_delete()
{
global $DB, $FNS, $IN, $LANG, $OUT, $PREFS, $REGX, $SESS, $STAT;
/** -------------------------------------
/** Make sure they got here via a form
/** -------------------------------------*/
if ( ! $IN->GBL('ACT', 'POST'))
{
// No output for you, Mr. URL Hax0r
return FALSE;
}
$LANG->fetch_language_file('login');
/* -------------------------------------
/* No sneakiness - we'll do this in case the site administrator
/* has foolishly turned off secure forms and some monkey is
/* trying to delete their account from an off-site form or
/* after logging out.
/* -------------------------------------*/
if ($SESS->userdata['member_id'] == 0 OR $SESS->userdata['can_delete_self'] !== 'y')
{
return $OUT->show_user_error('general', $LANG->line('not_authorized'));
}
/** -------------------------------------
/** If the user is a SuperAdmin, then no deletion
/** -------------------------------------*/
if ($SESS->userdata['group_id'] == 1)
{
return $OUT->show_user_error('general', $LANG->line('cannot_delete_super_admin'));
}
/** ----------------------------------------
/** Is IP and User Agent required for login? Then, same here.
/** ----------------------------------------*/
if ($PREFS->ini('require_ip_for_login') == 'y')
{
if ($SESS->userdata['ip_address'] == '' || $SESS->userdata['user_agent'] == '')
{
return $OUT->show_user_error('general', $LANG->line('unauthorized_request'));
}
}
/** ----------------------------------------
/** Check password lockout status
/** ----------------------------------------*/
if ($SESS->check_password_lockout() === TRUE)
{
return $OUT->show_user_error('general', str_replace("%x", $PREFS->ini('password_lockout_interval'), $LANG->line('password_lockout_in_effect')));
}
/* -------------------------------------
/* Are you who you say you are, or someone sitting at someone
/* else's computer being mean?!
/* -------------------------------------*/
$query = $DB->query("SELECT password FROM exp_members WHERE member_id = '".$SESS->userdata['member_id']."'");
$password = $FNS->hash(stripslashes($IN->GBL('password', 'POST')));
if ($query->row['password'] != $password)
{
$SESS->save_password_lockout();
return $OUT->show_user_error('general', $LANG->line('invalid_pw'));
}
/** -------------------------------------
/** No turning back, get to deletin'!
/** -------------------------------------*/
$id = $SESS->userdata['member_id'];
$DB->query("DELETE FROM exp_members WHERE member_id = '{$id}'");
$DB->query("DELETE FROM exp_member_data WHERE member_id = '{$id}'");
$DB->query("DELETE FROM exp_member_homepage WHERE member_id = '{$id}'");
$message_query = $DB->query("SELECT DISTINCT recipient_id FROM exp_message_copies WHERE sender_id = '{$id}' AND message_read = 'n'");
$DB->query("DELETE FROM exp_message_copies WHERE sender_id = '{$id}'");
$DB->query("DELETE FROM exp_message_data WHERE sender_id = '{$id}'");
$DB->query("DELETE FROM exp_message_folders WHERE member_id = '{$id}'");
$DB->query("DELETE FROM exp_message_listed WHERE member_id = '{$id}'");
if ($message_query->num_rows > 0)
{
foreach($message_query->result as $row)
{
$count_query = $DB->query("SELECT COUNT(*) AS count FROM exp_message_copies WHERE recipient_id = '".$row['recipient_id']."' AND message_read = 'n'");
$DB->query($DB->update_string('exp_members', array('private_messages' => $count_query->row['count']), "member_id = '".$row['recipient_id']."'"));
}
}
/** -------------------------------------
/** Delete Forum Posts
/** -------------------------------------*/
if ($PREFS->ini('forum_is_installed') == "y")
{
$DB->query("DELETE FROM exp_forum_subscriptions WHERE member_id = '{$id}'");
$DB->query("DELETE FROM exp_forum_pollvotes WHERE member_id = '{$id}'");
$DB->query("DELETE FROM exp_forum_topics WHERE author_id = '{$id}'");
// Snag the affected topic id's before deleting the member for the update afterwards
$query = $DB->query("SELECT topic_id FROM exp_forum_posts WHERE author_id = '{$id}'");
if ($query->num_rows > 0)
{
$topic_ids = array();
foreach ($query->result as $row)
{
$topic_ids[] = $row['topic_id'];
}
$topic_ids = array_unique($topic_ids);
}
$DB->query("DELETE FROM exp_forum_posts WHERE author_id = '{$id}'");
$DB->query("DELETE FROM exp_forum_polls WHERE author_id = '{$id}'");
// Update the forum stats
$query = $DB->query("SELECT forum_id FROM exp_forums WHERE forum_is_cat = 'n'");
if ( ! class_exists('Forum'))
{
require PATH_MOD.'forum/mod.forum'.EXT;
require PATH_MOD.'forum/mod.forum_core'.EXT;
}
$FRM = new Forum_Core;
foreach ($query->result as $row)
{
$FRM->_update_post_stats($row['forum_id']);
}
if (isset($topic_ids))
{
foreach ($topic_ids as $topic_id)
{
$FRM->_update_topic_stats($topic_id);
}
}
}
/** -------------------------------------
/** Va-poo-rize Weblog Entries and Comments
/** -------------------------------------*/
$entry_ids = array();
$weblog_ids = array();
$recount_ids = array();
// Find Entry IDs and Weblog IDs, then delete
$query = $DB->query("SELECT entry_id, weblog_id FROM exp_weblog_titles WHERE author_id = '{$id}'");
if ($query->num_rows > 0)
{
foreach ($query->result as $row)
{
$entry_ids[] = $row['entry_id'];
$weblog_ids[] = $row['weblog_id'];
}
$DB->query("DELETE FROM exp_weblog_titles WHERE author_id = '{$id}'");
$DB->query("DELETE FROM exp_weblog_data WHERE entry_id IN ('".implode("','", $entry_ids)."')");
$DB->query("DELETE FROM exp_comments WHERE entry_id IN ('".implode("','", $entry_ids)."')");
$DB->query("DELETE FROM exp_trackbacks WHERE entry_id IN ('".implode("','", $entry_ids)."')");
}
// Find the affected entries AND weblog ids for author's comments
$query = $DB->query("SELECT DISTINCT(entry_id), weblog_id FROM exp_comments WHERE author_id = '{$id}'");
if ($query->num_rows > 0)
{
foreach ($query->result as $row)
{
$recount_ids[] = $row['entry_id'];
$weblog_ids[] = $row['weblog_id'];
}
$recount_ids = array_diff($recount_ids, $entry_ids);
}
// Delete comments by member
$DB->query("DELETE FROM exp_comments WHERE author_id = '{$id}'");
// Update stats on weblog entries that were NOT deleted AND had comments by author
if (count($recount_ids) > 0)
{
foreach (array_unique($recount_ids) as $entry_id)
{
$query = $DB->query("SELECT MAX(comment_date) AS max_date FROM exp_comments WHERE status = 'o' AND entry_id = '".$DB->escape_str($entry_id)."'");
$comment_date = ($query->num_rows == 0 OR !is_numeric($query->row['max_date'])) ? 0 : $query->row['max_date'];
$query = $DB->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '{$entry_id}' AND status = 'o'");
$DB->query("UPDATE exp_weblog_titles SET comment_total = '".$DB->escape_str($query->row['count'])."', recent_comment_date = '$comment_date' WHERE entry_id = '{$entry_id}'");
}
}
if (count($weblog_ids) > 0)
{
foreach (array_unique($weblog_ids) as $weblog_id)
{
$STAT->update_weblog_stats($weblog_id);
$STAT->update_comment_stats($weblog_id);
}
}
/** -------------------------------------
/** Email notification recipients
/** -------------------------------------*/
if ($SESS->userdata['mbr_delete_notify_emails'] != '')
{
$notify_address = $SESS->userdata['mbr_delete_notify_emails'];
$swap = array(
'name' => $SESS->userdata['screen_name'],
'email' => $SESS->userdata['email'],
'site_name' => stripslashes($PREFS->ini('site_name'))
);
$email_tit = $FNS->var_swap($LANG->line('mbr_delete_notify_title'), $swap);
$email_msg = $FNS->var_swap($LANG->line('mbr_delete_notify_message'), $swap);
// No notification for the user themselves, if they're in the list
if (eregi($SESS->userdata('email'), $notify_address))
{
$notify_address = str_replace($SESS->userdata['email'], "", $notify_address);
}
$notify_address = $REGX->remove_extra_commas($notify_address);
if ($notify_address != '')
{
/** ----------------------------
/** Send email
/** ----------------------------*/
if ( ! class_exists('EEmail'))
{
require PATH_CORE.'core.email'.EXT;
}
$email = new EEmail;
foreach (explode(',', $notify_address) as $addy)
{
$email->initialize();
$email->wordwrap = false;
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to($addy);
$email->reply_to($PREFS->ini('webmaster_email'));
$email->subject($email_tit);
$email->message($REGX->entities_to_ascii($email_msg));
$email->Send();
}
}
}
/** -------------------------------------
/** Trash the Session and cookies
/** -------------------------------------*/
$DB->query("DELETE FROM exp_online_users WHERE site_id = '".$DB->escape_str($PREFS->ini('site_id'))."' AND ip_address = '{$IN->IP}' AND member_id = '{$id}'");
$DB->query("DELETE FROM exp_sessions WHERE session_id = '".$SESS->userdata['session_id']."'");
$FNS->set_cookie($SESS->c_uniqueid);
$FNS->set_cookie($SESS->c_password);
$FNS->set_cookie($SESS->c_session);
$FNS->set_cookie($SESS->c_expire);
$FNS->set_cookie($SESS->c_anon);
$FNS->set_cookie('read_topics');
$FNS->set_cookie('tracker');
/** -------------------------------------
/** Update global member stats
/** -------------------------------------*/
$STAT->update_member_stats();
/** -------------------------------------
/** Build Success Message
/** -------------------------------------*/
$url = $PREFS->ini('site_url');
$name = stripslashes($PREFS->ini('site_name'));
$data = array( 'title' => $LANG->line('mbr_delete'),
'heading' => $LANG->line('thank_you'),
'content' => $LANG->line('mbr_account_deleted'),
'redirect' => '',
'link' => array($url, $name)
);
$OUT->show_message($data);
}
/** ----------------------------------------
/** Insert new comment
/** ----------------------------------------*/
function insert_new_comment()
{
global $IN, $SESS, $PREFS, $DB, $FNS, $OUT, $LANG, $REGX, $LOC, $STAT, $EXT;
$default = array('name', 'email', 'url', 'comment', 'location', 'entry_id');
foreach ($default as $val) {
if (!isset($_POST[$val])) {
$_POST[$val] = '';
}
}
// No entry ID? What the heck are they doing?
if (!is_numeric($_POST['entry_id'])) {
return false;
}
// If the comment is empty, bounce them back
if ($_POST['comment'] == '') {
if (!isset($_POST['RET']) or $_POST['RET'] == '') {
return false;
}
$FNS->redirect($_POST['RET']);
}
/** ----------------------------------------
/** Fetch the comment language pack
/** ----------------------------------------*/
$LANG->fetch_language_file('comment');
/** ----------------------------------------
/** Is the user banned?
/** ----------------------------------------*/
if ($SESS->userdata['is_banned'] == TRUE) {
return $OUT->show_user_error('general', array($LANG->line('not_authorized')));
}
/** ----------------------------------------
/** Is the IP address and User Agent required?
/** ----------------------------------------*/
if ($PREFS->ini('require_ip_for_posting') == 'y') {
if ($IN->IP == '0.0.0.0' || $SESS->userdata['user_agent'] == "") {
return $OUT->show_user_error('general', array($LANG->line('not_authorized')));
}
}
/** ----------------------------------------
/** Is the nation of the user banend?
/** ----------------------------------------*/
$SESS->nation_ban_check();
/** ----------------------------------------
/** Can the user post comments?
/** ----------------------------------------*/
if ($SESS->userdata['can_post_comments'] == 'n') {
$error[] = $LANG->line('cmt_no_authorized_for_comments');
return $OUT->show_user_error('general', $error);
}
/** ----------------------------------------
/** Blacklist/Whitelist Check
/** ----------------------------------------*/
if ($IN->blacklisted == 'y' && $IN->whitelisted == 'n') {
return $OUT->show_user_error('general', array($LANG->line('not_authorized')));
}
/** ----------------------------------------
/** Is this a preview request?
/** ----------------------------------------*/
if (isset($_POST['preview'])) {
return $this->preview_handler();
}
// -------------------------------------------
// 'insert_comment_start' hook.
// - Allows complete rewrite of comment submission routine.
// - Or could be used to modify the POST data before processing
//
$edata = $EXT->call_extension('insert_comment_start');
if ($EXT->end_script === TRUE) {
return;
}
//
// -------------------------------------------
/** ----------------------------------------
/** Fetch weblog preferences
/** ----------------------------------------*/
$sql = "SELECT exp_weblog_titles.title, \n exp_weblog_titles.url_title,\n exp_weblog_titles.weblog_id,\n exp_weblog_titles.author_id,\n exp_weblog_titles.comment_total,\n exp_weblog_titles.allow_comments,\n exp_weblog_titles.entry_date,\n exp_weblog_titles.comment_expiration_date,\n exp_weblogs.blog_title,\n exp_weblogs.comment_system_enabled,\n exp_weblogs.comment_max_chars,\n exp_weblogs.comment_use_captcha,\n exp_weblogs.comment_timelock,\n exp_weblogs.comment_require_membership,\n exp_weblogs.comment_moderate,\n exp_weblogs.comment_require_email,\n exp_weblogs.comment_notify,\n exp_weblogs.comment_notify_authors,\n exp_weblogs.comment_notify_emails,\n exp_weblogs.comment_expiration\n FROM exp_weblog_titles, exp_weblogs\n WHERE exp_weblog_titles.weblog_id = exp_weblogs.weblog_id\n AND exp_weblog_titles.entry_id = '" . $DB->escape_str($_POST['entry_id']) . "'\n\t\t\t\tAND exp_weblog_titles.status != 'closed' ";
// -------------------------------------------
// 'insert_comment_preferences_sql' hook.
// - Rewrite or add to the comment preference sql query
// - Could be handy for comment/weblog restrictions
//
if ($EXT->active_hook('insert_comment_preferences_sql') === TRUE) {
$sql = $EXT->call_extension('insert_comment_preferences_sql', $sql);
if ($EXT->end_script === TRUE) {
return $edata;
}
}
//
// -------------------------------------------
$query = $DB->query($sql);
unset($sql);
if ($query->num_rows == 0) {
return false;
}
/** ----------------------------------------
/** Are comments allowed?
/** ----------------------------------------*/
if ($query->row['allow_comments'] == 'n' || $query->row['comment_system_enabled'] == 'n') {
return $OUT->show_user_error('submission', $LANG->line('cmt_comments_not_allowed'));
}
/** ----------------------------------------
/** Has commenting expired?
/** ----------------------------------------*/
if ($this->comment_expiration_mode == 0) {
if ($query->row['comment_expiration_date'] > 0) {
if ($LOC->now > $query->row['comment_expiration_date']) {
return $OUT->show_user_error('submission', $LANG->line('cmt_commenting_has_expired'));
}
}
} else {
if ($query->row['comment_expiration'] > 0) {
$days = $query->row['entry_date'] + $query->row['comment_expiration'] * 86400;
if ($LOC->now > $days) {
return $OUT->show_user_error('submission', $LANG->line('cmt_commenting_has_expired'));
}
}
}
/** ----------------------------------------
/** Is there a comment timelock?
/** ----------------------------------------*/
if ($query->row['comment_timelock'] != '' and $query->row['comment_timelock'] > 0) {
if ($SESS->userdata['group_id'] != 1) {
$time = $LOC->now - $query->row['comment_timelock'];
$result = $DB->query("SELECT COUNT(*) AS count FROM exp_comments WHERE comment_date > '{$time}' AND ip_address = '{$IN->IP}' ");
if ($result->row['count'] > 0) {
return $OUT->show_user_error('submission', str_replace("%s", $query->row['comment_timelock'], $LANG->line('cmt_comments_timelock')));
}
}
}
/** ----------------------------------------
/** Do we allow duplicate data?
/** ----------------------------------------*/
if ($PREFS->ini('deny_duplicate_data') == 'y') {
if ($SESS->userdata['group_id'] != 1) {
$result = $DB->query("SELECT COUNT(*) AS count FROM exp_comments WHERE comment = '" . $DB->escape_str($_POST['comment']) . "' ");
if ($result->row['count'] > 0) {
return $OUT->show_user_error('submission', $LANG->line('cmt_duplicate_comment_warning'));
}
}
}
/** ----------------------------------------
/** Assign data
/** ----------------------------------------*/
$author_id = $query->row['author_id'];
$entry_title = $query->row['title'];
$url_title = $query->row['url_title'];
$blog_title = $query->row['blog_title'];
$weblog_id = $query->row['weblog_id'];
$comment_total = $query->row['comment_total'] + 1;
$require_membership = $query->row['comment_require_membership'];
$comment_moderate = ($SESS->userdata['group_id'] == 1 or $SESS->userdata['exclude_from_moderation'] == 'y') ? 'n' : $query->row['comment_moderate'];
$author_notify = $query->row['comment_notify_authors'];
$notify_address = ($query->row['comment_notify'] == 'y' and $query->row['comment_notify_emails'] != '') ? $query->row['comment_notify_emails'] : '';
/** ----------------------------------------
/** Start error trapping
/** ----------------------------------------*/
$error = array();
if ($SESS->userdata('member_id') != 0) {
// If the user is logged in we'll reassign the POST variables with the user data
$_POST['name'] = $SESS->userdata['screen_name'] != '' ? $SESS->userdata['screen_name'] : $SESS->userdata['username'];
$_POST['email'] = $SESS->userdata['email'];
$_POST['url'] = $SESS->userdata['url'];
$_POST['location'] = $SESS->userdata['location'];
}
/** ----------------------------------------
/** Is membership is required to post...
/** ----------------------------------------*/
if ($require_membership == 'y') {
// Not logged in
if ($SESS->userdata('member_id') == 0) {
return $OUT->show_user_error('submission', $LANG->line('cmt_must_be_member'));
}
// Membership is pending
if ($SESS->userdata['group_id'] == 4) {
return $OUT->show_user_error('general', $LANG->line('cmt_account_not_active'));
}
} else {
/** ----------------------------------------
/** Missing name?
/** ----------------------------------------*/
if ($_POST['name'] == '') {
$error[] = $LANG->line('cmt_missing_name');
}
/** -------------------------------------
/** Is name banned?
/** -------------------------------------*/
if ($SESS->ban_check('screen_name', $_POST['name'])) {
$error[] = $LANG->line('cmt_name_not_allowed');
}
/** ----------------------------------------
/** Missing or invalid email address
/** ----------------------------------------*/
if ($query->row['comment_require_email'] == 'y') {
if ($_POST['email'] == '') {
$error[] = $LANG->line('cmt_missing_email');
} elseif (!$REGX->valid_email($_POST['email'])) {
$error[] = $LANG->line('cmt_invalid_email');
}
}
}
/** -------------------------------------
/** Is email banned?
/** -------------------------------------*/
if ($_POST['email'] != '') {
if ($SESS->ban_check('email', $_POST['email'])) {
$error[] = $LANG->line('cmt_banned_email');
}
}
/** ----------------------------------------
/** Is comment too big?
/** ----------------------------------------*/
if ($query->row['comment_max_chars'] != '' and $query->row['comment_max_chars'] != 0) {
if (strlen($_POST['comment']) > $query->row['comment_max_chars']) {
$str = str_replace("%n", strlen($_POST['comment']), $LANG->line('cmt_too_large'));
$str = str_replace("%x", $query->row['comment_max_chars'], $str);
$error[] = $str;
}
}
/** ----------------------------------------
/** Do we have errors to display?
/** ----------------------------------------*/
if (count($error) > 0) {
return $OUT->show_user_error('submission', $error);
}
/** ----------------------------------------
/** Do we require captcha?
/** ----------------------------------------*/
if ($query->row['comment_use_captcha'] == 'y') {
if ($PREFS->ini('captcha_require_members') == 'y' || ($PREFS->ini('captcha_require_members') == 'n' and $SESS->userdata('member_id') == 0)) {
if (!isset($_POST['captcha']) || $_POST['captcha'] == '') {
return $OUT->show_user_error('submission', $LANG->line('captcha_required'));
} else {
$res = $DB->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='" . $DB->escape_str($_POST['captcha']) . "' AND ip_address = '" . $IN->IP . "' AND date > UNIX_TIMESTAMP()-7200");
if ($res->row['count'] == 0) {
return $OUT->show_user_error('submission', $LANG->line('captcha_incorrect'));
}
$DB->query("DELETE FROM exp_captcha WHERE (word='" . $DB->escape_str($_POST['captcha']) . "' AND ip_address = '" . $IN->IP . "') OR date < UNIX_TIMESTAMP()-7200");
}
}
}
/** ----------------------------------------
/** Build the data array
/** ----------------------------------------*/
$notify = $IN->GBL('notify_me', 'POST') ? 'y' : 'n';
$cmtr_name = $REGX->xss_clean($_POST['name']);
$cmtr_email = $_POST['email'];
$cmtr_url = $REGX->xss_clean($REGX->prep_url($_POST['url']));
$cmtr_loc = $REGX->xss_clean($_POST['location']);
$data = array('weblog_id' => $weblog_id, 'entry_id' => $_POST['entry_id'], 'author_id' => $SESS->userdata('member_id'), 'name' => $cmtr_name, 'email' => $cmtr_email, 'url' => $cmtr_url, 'location' => $cmtr_loc, 'comment' => $REGX->xss_clean($_POST['comment']), 'comment_date' => $LOC->now, 'ip_address' => $IN->IP, 'notify' => $notify, 'status' => $comment_moderate == 'y' ? 'c' : 'o', 'site_id' => $PREFS->ini('site_id'));
// -------------------------------------------
// 'insert_comment_insert_array' hook.
// - Modify any of the soon to be inserted values
//
if ($EXT->active_hook('insert_comment_insert_array') === TRUE) {
$data = $EXT->call_extension('insert_comment_insert_array', $data);
if ($EXT->end_script === TRUE) {
return $edata;
}
}
//
// -------------------------------------------
/** ----------------------------------------
/** Insert data
/** ----------------------------------------*/
if ($PREFS->ini('secure_forms') == 'y') {
$query = $DB->query("SELECT COUNT(*) AS count FROM exp_security_hashes WHERE hash='" . $DB->escape_str($_POST['XID']) . "' AND ip_address = '" . $IN->IP . "' AND date > UNIX_TIMESTAMP()-7200");
if ($query->row['count'] > 0) {
$sql = $DB->insert_string('exp_comments', $data);
$DB->query($sql);
$comment_id = $DB->insert_id;
$DB->query("DELETE FROM exp_security_hashes WHERE (hash='" . $DB->escape_str($_POST['XID']) . "' AND ip_address = '" . $IN->IP . "') OR date < UNIX_TIMESTAMP()-7200");
} else {
$FNS->redirect(stripslashes($_POST['RET']));
}
} else {
$sql = $DB->insert_string('exp_comments', $data);
$DB->query($sql);
$comment_id = $DB->insert_id;
}
if ($comment_moderate == 'n') {
/** ------------------------------------------------
/** Update comment total and "recent comment" date
/** ------------------------------------------------*/
$DB->query("UPDATE exp_weblog_titles SET comment_total = '{$comment_total}', recent_comment_date = '" . $LOC->now . "' WHERE entry_id = '" . $DB->escape_str($_POST['entry_id']) . "'");
/** ----------------------------------------
/** Update member comment total and date
/** ----------------------------------------*/
if ($SESS->userdata('member_id') != 0) {
$query = $DB->query("SELECT total_comments FROM exp_members WHERE member_id = '" . $SESS->userdata('member_id') . "'");
$DB->query("UPDATE exp_members SET total_comments = '" . ($query->row['total_comments'] + 1) . "', last_comment_date = '" . $LOC->now . "' WHERE member_id = '" . $SESS->userdata('member_id') . "'");
}
/** ----------------------------------------
/** Update comment stats
/** ----------------------------------------*/
$STAT->update_comment_stats($weblog_id, $LOC->now);
/** ----------------------------------------
/** Fetch email notification addresses
/** ----------------------------------------*/
$query = $DB->query("SELECT DISTINCT(email), name, comment_id, author_id FROM exp_comments WHERE status = 'o' AND entry_id = '" . $DB->escape_str($_POST['entry_id']) . "' AND notify = 'y'");
$recipients = array();
if ($query->num_rows > 0) {
foreach ($query->result as $row) {
if ($row['email'] == "" and $row['author_id'] != 0) {
$result = $DB->query("SELECT email, screen_name FROM exp_members WHERE member_id = '" . $DB->escape_str($row['author_id']) . "'");
if ($result->num_rows == 1) {
$recipients[] = array($result->row['email'], $row['comment_id'], $result->row['screen_name']);
}
} elseif ($row['email'] != "") {
$recipients[] = array($row['email'], $row['comment_id'], $row['name']);
}
}
}
}
/** ----------------------------------------
/** Fetch Author Notification
/** ----------------------------------------*/
if ($author_notify == 'y') {
$result = $DB->query("SELECT email FROM exp_members WHERE member_id = '" . $DB->escape_str($author_id) . "'");
$notify_address .= ',' . $result->row['email'];
}
/** ----------------------------------------
/** Instantiate Typography class
/** ----------------------------------------*/
if (!class_exists('Typography')) {
require PATH_CORE . 'core.typography' . EXT;
}
$TYPE = new Typography(FALSE, FALSE);
$TYPE->smileys = FALSE;
$comment = $REGX->xss_clean($_POST['comment']);
$comment = $TYPE->parse_type($comment, array('text_format' => 'none', 'html_format' => 'none', 'auto_links' => 'n', 'allow_img_url' => 'n'));
/** ----------------------------
/** Send admin notification
/** ----------------------------*/
if ($notify_address != '') {
$swap = array('name' => $cmtr_name, 'name_of_commenter' => $cmtr_name, 'email' => $cmtr_email, 'url' => $cmtr_url, 'location' => $cmtr_loc, 'weblog_name' => $blog_title, 'entry_title' => $entry_title, 'comment_id' => $comment_id, 'comment' => $comment, 'comment_url' => $FNS->remove_session_id($_POST['RET']), 'delete_link' => $PREFS->ini('cp_url') . '?S=0&C=edit' . '&M=del_comment_conf' . '&weblog_id=' . $weblog_id . '&entry_id=' . $_POST['entry_id'] . '&comment_id=' . $comment_id);
$template = $FNS->fetch_email_template('admin_notify_comment');
$email_tit = $FNS->var_swap($template['title'], $swap);
$email_msg = $FNS->var_swap($template['data'], $swap);
// We don't want to send an admin notification if the person
// leaving the comment is an admin in the notification list
if ($_POST['email'] != '') {
if (strpos($notify_address, $_POST['email']) !== FALSE) {
$notify_address = str_replace($_POST['email'], "", $notify_address);
}
}
$notify_address = $REGX->remove_extra_commas($notify_address);
if ($notify_address != '') {
/** ----------------------------
/** Send email
/** ----------------------------*/
if (!class_exists('EEmail')) {
require PATH_CORE . 'core.email' . EXT;
}
$replyto = $data['email'] == '' ? $PREFS->ini('webmaster_email') : $data['email'];
$email = new EEmail();
$sent = array();
foreach (explode(',', $notify_address) as $addy) {
if (in_array($addy, $sent)) {
continue;
}
$email->initialize();
$email->wordwrap = false;
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to($addy);
$email->reply_to($replyto);
$email->subject($email_tit);
$email->message($REGX->entities_to_ascii($email_msg));
$email->Send();
$sent[] = $addy;
}
}
}
/** ----------------------------------------
/** Send user notifications
/** ----------------------------------------*/
if ($comment_moderate == 'n') {
$email_msg = '';
if (count($recipients) > 0) {
$qs = $PREFS->ini('force_query_string') == 'y' ? '' : '?';
$action_id = $FNS->fetch_action_id('Comment_CP', 'delete_comment_notification');
$swap = array('name_of_commenter' => $cmtr_name, 'weblog_name' => $blog_title, 'entry_title' => $entry_title, 'site_name' => stripslashes($PREFS->ini('site_name')), 'site_url' => $PREFS->ini('site_url'), 'comment_url' => $FNS->remove_session_id($_POST['RET']), 'comment_id' => $comment_id, 'comment' => $comment);
$template = $FNS->fetch_email_template('comment_notification');
$email_tit = $FNS->var_swap($template['title'], $swap);
$email_msg = $FNS->var_swap($template['data'], $swap);
/** ----------------------------
/** Send email
/** ----------------------------*/
if (!class_exists('EEmail')) {
require PATH_CORE . 'core.email' . EXT;
}
$email = new EEmail();
$email->wordwrap = true;
$cur_email = $_POST['email'] == '' ? FALSE : $_POST['email'];
if (!isset($sent)) {
$sent = array();
}
foreach ($recipients as $val) {
// We don't notify the person currently commenting. That would be silly.
if ($val['0'] != $cur_email and !in_array($val['0'], $sent)) {
$title = $email_tit;
$message = $email_msg;
$title = str_replace('{name_of_recipient}', $val['2'], $title);
$message = str_replace('{name_of_recipient}', $val['2'], $message);
$title = str_replace('{notification_removal_url}', $FNS->fetch_site_index(0, 0) . $qs . 'ACT=' . $action_id . '&id=' . $val['1'], $title);
$message = str_replace('{notification_removal_url}', $FNS->fetch_site_index(0, 0) . $qs . 'ACT=' . $action_id . '&id=' . $val['1'], $message);
$email->initialize();
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to($val['0']);
$email->subject($title);
$email->message($REGX->entities_to_ascii($message));
$email->Send();
$sent[] = $val['0'];
}
}
}
/** ----------------------------------------
/** Clear cache files
/** ----------------------------------------*/
$FNS->clear_caching('all', $FNS->fetch_site_index() . $_POST['URI']);
// clear out the entry_id version if the url_title is in the URI, and vice versa
if (preg_match("#\\/" . preg_quote($url_title) . "\\/#", $_POST['URI'], $matches)) {
$FNS->clear_caching('all', $FNS->fetch_site_index() . preg_replace("#" . preg_quote($matches['0']) . "#", "/{$data['entry_id']}/", $_POST['URI']));
} else {
$FNS->clear_caching('all', $FNS->fetch_site_index() . preg_replace("#{$data['entry_id']}#", $url_title, $_POST['URI']));
}
}
/** ----------------------------------------
/** Set cookies
/** ----------------------------------------*/
if ($notify == 'y') {
$FNS->set_cookie('notify_me', 'yes', 60 * 60 * 24 * 365);
} else {
$FNS->set_cookie('notify_me', 'no', 60 * 60 * 24 * 365);
}
if ($IN->GBL('save_info', 'POST')) {
$FNS->set_cookie('save_info', 'yes', 60 * 60 * 24 * 365);
$FNS->set_cookie('my_name', $_POST['name'], 60 * 60 * 24 * 365);
$FNS->set_cookie('my_email', $_POST['email'], 60 * 60 * 24 * 365);
$FNS->set_cookie('my_url', $_POST['url'], 60 * 60 * 24 * 365);
$FNS->set_cookie('my_location', $_POST['location'], 60 * 60 * 24 * 365);
} else {
$FNS->set_cookie('save_info', 'no', 60 * 60 * 24 * 365);
$FNS->set_cookie('my_name', '');
$FNS->set_cookie('my_email', '');
$FNS->set_cookie('my_url', '');
$FNS->set_cookie('my_location', '');
}
// -------------------------------------------
// 'insert_comment_end' hook.
// - More emails, more processing, different redirect
// - $comment_id added 1.6.1
//
$edata = $EXT->call_extension('insert_comment_end', $data, $comment_moderate, $comment_id);
if ($EXT->end_script === TRUE) {
return;
}
//
// -------------------------------------------
/** -------------------------------------------
/** Bounce user back to the comment page
/** -------------------------------------------*/
if ($comment_moderate == 'y') {
$data = array('title' => $LANG->line('cmt_comment_accepted'), 'heading' => $LANG->line('thank_you'), 'content' => $LANG->line('cmt_will_be_reviewed'), 'redirect' => $_POST['RET'], 'link' => array($_POST['RET'], $LANG->line('cmt_return_to_comments')), 'rate' => 3);
$OUT->show_message($data);
} else {
$FNS->redirect($_POST['RET']);
}
}
/** -----------------------------------------
/** USAGE: Submit New Post.
/** -----------------------------------------*/
function newPost($plist)
{
global $DB, $LANG, $FNS, $LOC, $PREFS, $REGX, $IN, $STAT;
$parameters = $plist->output_parameters();
if (!$this->fetch_member_data($parameters['2'], $parameters['3'])) {
return new XML_RPC_Response('0', '802', $LANG->line('invalid_access'));
}
/** ---------------------------------------
/** Parse Out Weblog Information
/** ---------------------------------------*/
$this->parse_weblog($parameters['1']);
$this->status = $parameters['5'] == '0' ? 'closed' : 'open';
$sticky = 'n';
/** ---------------------------------------
/** Parse Weblog Meta-Information
/** ---------------------------------------*/
// using entities because of <title> conversion by xss_clean()
if (preg_match('/<title>(.+?)<\\/title>/is', $parameters['4'], $matches)) {
$this->title = $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities(trim($matches['1'])) : $matches['1'];
$parameters['4'] = str_replace($matches['0'], '', $parameters['4']);
}
if (preg_match('/<weblog_id>(.+?)<\\/weblog_id>/is', $parameters['4'], $matches)) {
$this->weblog_id = trim($matches['1']);
$parameters['4'] = str_replace($matches['0'], '', $parameters['4']);
$this->parse_weblog($this->weblog_id);
}
if (preg_match('/<category>(.*?)<\\/category>/is', $parameters['4'], $matches)) {
$this->categories = trim($matches['1']);
$parameters['4'] = str_replace($matches['0'], '', $parameters['4']);
if (strlen($this->categories) > 0) {
$this->check_categories("AND exp_weblogs.weblog_id = '{$this->weblog_id}'");
}
}
if (preg_match('/<sticky>(.+?)<\\/sticky>/is', $parameters['4'], $matches)) {
$sticky = (trim($matches['1']) == 'yes' or trim($matches['1']) == 'y') ? 'y' : 'n';
$parameters['4'] = str_replace($matches['0'], '', $parameters['4']);
}
/** ---------------------------------------
/** Default Weblog Data for weblog_id
/** ---------------------------------------*/
$query = $DB->query("SELECT deft_comments, deft_trackbacks, cat_group,\n \t\t\t\t\t\t blog_title, blog_url,\n \t\t\t\t\t\t weblog_notify_emails, weblog_notify, comment_url\n \t\t\t\t\t\t FROM exp_weblogs\n \t\t\t\t\t\t WHERE weblog_id = '{$this->weblog_id}'");
if ($query->num_rows == 0) {
return new XML_RPC_Response('0', '802', $LANG->line('invalid_weblog'));
}
$notify_address = ($query->row['weblog_notify'] == 'y' and $query->row['weblog_notify_emails'] != '') ? $query->row['weblog_notify_emails'] : '';
/** ---------------------------------------
/** URL Title Unique?
/** ---------------------------------------*/
$url_title = $REGX->create_url_title($this->title, TRUE);
$sql = "SELECT count(*) AS count \n\t\t\t\tFROM exp_weblog_titles \n\t\t\t\tWHERE url_title = '" . $DB->escape_str($url_title) . "' \n\t\t\t\tAND weblog_id = '{$this->weblog_id}'";
$results = $DB->query($sql);
// Already have default title
if ($results->row['count'] > 0) {
// Give it a moblog title
$inbetween = $PREFS->ini('word_separator') == 'dash' ? '-' : '_';
$url_title .= $inbetween . 'api';
/** ---------------------------------------
/** Multiple Title Find
/** ---------------------------------------*/
$sql = "SELECT count(*) AS count \n\t\t\t\t\tFROM exp_weblog_titles \n\t\t\t\t\tWHERE url_title LIKE '" . $DB->escape_like_str($url_title) . "%' \n\t\t\t\t\tAND weblog_id = '{$this->weblog_id}'";
$results = $DB->query($sql);
$url_title .= $results->row['count'] + 1;
}
/** ---------------------------------
/** Build our query string
/** ---------------------------------*/
$metadata = array('entry_id' => '', 'weblog_id' => $this->weblog_id, 'author_id' => $this->userdata['member_id'], 'title' => $this->title, 'url_title' => $url_title, 'ip_address' => $IN->IP, 'entry_date' => $LOC->now, 'edit_date' => gmdate("YmdHis", $LOC->now), 'year' => gmdate('Y', $LOC->now), 'month' => gmdate('m', $LOC->now), 'day' => gmdate('d', $LOC->now), 'sticky' => $sticky, 'status' => $this->status, 'allow_comments' => $query->row['deft_comments'], 'allow_trackbacks' => $query->row['deft_trackbacks']);
/** ---------------------------------------
/** Parse Weblog Field Data
/** ---------------------------------------*/
$entry_data = array('weblog_id' => $this->weblog_id);
if (sizeof($this->fields) > 0) {
foreach ($this->fields as $field_id => $afield) {
if (preg_match('/<' . $afield['0'] . '>(.+?)<\\/' . $afield['0'] . '>/is', $parameters['4'], $matches)) {
if (!isset($entry_data['field_id_' . $field_id])) {
$entry_data['field_id_' . $field_id] = $matches['1'];
$entry_data['field_ft_' . $field_id] = $afield['1'];
} else {
$entry_data['field_id_' . $field_id] .= "\n" . $matches['1'];
}
$parameters['4'] = trim(str_replace($matches['0'], '', $parameters['4']));
}
}
}
if (trim($parameters['4']) != '') {
if (!isset($entry_data[$this->field])) {
$entry_data['field_id_' . $this->field] = trim($parameters['4']);
$entry_data['field_ft_' . $this->field] = $this->fields[$this->field]['1'];
} else {
$entry_data[$this->field] .= "\n" . trim($parameters['4']);
}
}
/** ---------------------------------
/** Insert the entry data
/** ---------------------------------*/
$metadata['site_id'] = $this->site_id;
$DB->query($DB->insert_string('exp_weblog_titles', $metadata));
$entry_data['entry_id'] = $DB->insert_id;
$entry_data['site_id'] = $this->site_id;
$DB->query($DB->insert_string('exp_weblog_data', $entry_data));
/** ---------------------------------
/** Insert Categories, if any
/** ---------------------------------*/
if (sizeof($this->ecategories) > 0) {
foreach ($this->ecategories as $catid => $cat_name) {
$DB->query("INSERT INTO exp_category_posts \n \t\t\t\t\t(entry_id, cat_id) \n \t\t\t\t\tVALUES \n \t\t\t\t\t('" . $entry_data['entry_id'] . "', '{$catid}')");
}
}
/** ----------------------------
/** Send admin notification
/** ----------------------------*/
if ($notify_address != '') {
$swap = array('name' => $this->userdata['screen_name'], 'email' => $this->userdata['email'], 'weblog_name' => $query->row['blog_title'], 'entry_title' => $metadata['title'], 'entry_url' => $FNS->remove_double_slashes($query->row['blog_url'] . '/' . $metadata['url_title'] . '/'), 'comment_url' => $FNS->remove_double_slashes($query->row['comment_url'] . '/' . $metadata['url_title'] . '/'));
$template = $FNS->fetch_email_template('admin_notify_entry');
$email_tit = $FNS->var_swap($template['title'], $swap);
$email_msg = $FNS->var_swap($template['data'], $swap);
// We don't want to send a notification if the person
// leaving the entry is in the notification list
$notify_address = str_replace($this->userdata['email'], "", $notify_address);
$notify_address = $REGX->remove_extra_commas($notify_address);
if ($notify_address != '') {
/** ----------------------------
/** Send email
/** ----------------------------*/
if (!class_exists('EEmail')) {
require PATH_CORE . 'core.email' . EXT;
}
$email = new EEmail();
foreach (explode(',', $notify_address) as $addy) {
$email->initialize();
$email->wordwrap = false;
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to($addy);
$email->reply_to($PREFS->ini('webmaster_email'));
$email->subject($email_tit);
$email->message($REGX->entities_to_ascii($email_msg));
$email->Send();
}
}
}
/** ---------------------------------
/** Clear caches if needed
/** ---------------------------------*/
if ($PREFS->ini('new_posts_clear_caches') == 'y') {
$FNS->clear_caching('all');
} else {
$FNS->clear_caching('sql');
}
/** ---------------------------------------
/** Update those stats, stat!
/** ---------------------------------------*/
$STAT->update_weblog_stats($this->weblog_id);
$query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '" . $this->userdata['member_id'] . "'");
$total_entries = $query->row['total_entries'] + 1;
$DB->query("UPDATE exp_members set total_entries = '{$total_entries}', last_entry_date = '" . $LOC->now . "' WHERE member_id = '" . $this->userdata['member_id'] . "'");
/** ---------------------------------
/** Return Entry ID of new entry
/** ---------------------------------*/
return new XML_RPC_Response(new XML_RPC_Values($entry_data['entry_id'], 'string'));
}
/**
* Send Notification
*
* This is the function that ultimately sends all notifications.
*
* @see http://expressionengine.com/developers/extension_hooks/delete_entries_loop/
* @since version 1.0.0
*/
function send_notification($action, $data)
{
global $PREFS, $FNS, $DB, $SESS, $REGX;
$query = $DB->query("SELECT blog_title, blog_url, weblog_notify, weblog_notify_emails\n\t\t FROM exp_weblogs\n\t\t WHERE weblog_id = '" . $data['weblog_id'] . "'");
$weblog_name = $REGX->ascii_to_entities($query->row['blog_title']);
$weblog_url = $query->row['blog_url'];
$notify_address = ($query->row['weblog_notify'] == ($action == 'deleted' ? 'y' : 'o') and $query->row['weblog_notify_emails'] != '') ? $query->row['weblog_notify_emails'] : '';
// If the 'skip_self' setting is selected,
// remove the current user's e-mail address from the list
if ($this->settings['skip_self'] == 'y') {
if (eregi($SESS->userdata('email'), $notify_address)) {
$notify_address = str_replace($SESS->userdata('email'), '', $notify_address);
}
}
$notify_address = $REGX->remove_extra_commas($notify_address);
if ($notify_address != '') {
$swap = array('action' => $action, 'weblog_url' => $weblog_url, 'url_title' => $data['url_title'], 'url' => ($weblog_url and $data['url_title']) ? $FNS->remove_double_slashes($weblog_url . '/' . $data['url_title'] . '/') : '', 'name' => $SESS->userdata('screen_name'), 'email' => $SESS->userdata('email'), 'entry_id' => $data['entry_id'], 'entry_title' => $data['title'], 'entry_status' => $data['status'], 'weblog_id' => $data['weblog_id'], 'weblog_name' => $weblog_name);
$email_tit = $FNS->var_swap($this->settings['email_tit_template'], $swap);
$email_msg = $FNS->var_swap($this->settings['email_msg_template'], $swap);
if (!class_exists('EEmail')) {
require PATH_CORE . 'core.email' . EXT;
}
$email = new EEmail();
foreach (explode(',', $notify_address) as $addy) {
$email->initialize();
$email->wordwrap = false;
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to($addy);
$email->reply_to($PREFS->ini('webmaster_email'));
$email->subject($email_tit);
$email->message($REGX->entities_to_ascii($email_msg));
$email->Send();
}
}
}
/** -----------------------------------------
/** USAGE: Submit New Post.
/** -----------------------------------------*/
function newPost($plist)
{
global $DB, $LANG, $FNS, $LOC, $PREFS, $REGX, $IN, $STAT;
$parameters = $plist->output_parameters();
if (!$this->fetch_member_data($parameters['1'], $parameters['2'])) {
return new XML_RPC_Response('0', '802', $LANG->line('invalid_access'));
}
/** ---------------------------------------
/** Parse Out Weblog Information
/** ---------------------------------------*/
$this->parse_weblog($parameters['0']);
if ($this->entry_status != '' && $this->entry_status != 'null') {
$this->status = $this->entry_status;
} else {
$this->status = $parameters['4'] == '0' ? 'closed' : 'open';
}
/** ---------------------------------------
/** Default Weblog Data for weblog_id
/** ---------------------------------------*/
$query = $DB->query("SELECT deft_comments, deft_trackbacks, cat_group, deft_category,\n \t\t\t\t\t\t blog_title, blog_url, tb_return_url, trackback_field, trackback_system_enabled,\n \t\t\t\t\t\t weblog_notify_emails, weblog_notify, comment_url\n \t\t\t\t\t\t FROM exp_weblogs \n \t\t\t\t\t\t WHERE weblog_id = '{$this->weblog_id}'");
if ($query->num_rows == 0) {
return new XML_RPC_Response('0', '804', $LANG->line('invalid_weblog'));
}
foreach ($query->row as $key => $value) {
${$key} = $value;
}
$notify_address = ($query->row['weblog_notify'] == 'y' and $query->row['weblog_notify_emails'] != '') ? $query->row['weblog_notify_emails'] : '';
/** ---------------------------------------
/** Parse Data Struct
/** ---------------------------------------*/
$this->title = $parameters['3']['title'];
$ping_urls = !isset($parameters['3']['mt_tb_ping_urls']) ? '' : implode("\n", $parameters['3']['mt_tb_ping_urls']);
$this->field_data['excerpt'] = !isset($parameters['3']['mt_excerpt']) ? '' : $parameters['3']['mt_excerpt'];
$this->field_data['content'] = !isset($parameters['3']['description']) ? '' : $parameters['3']['description'];
$this->field_data['more'] = !isset($parameters['3']['mt_text_more']) ? '' : $parameters['3']['mt_text_more'];
$this->field_data['keywords'] = !isset($parameters['3']['mt_keywords']) ? '' : $parameters['3']['mt_keywords'];
if (isset($parameters['3']['mt_allow_comments'])) {
$deft_comments = $parameters['3']['mt_allow_comments'] == 1 ? 'y' : 'n';
}
if (isset($parameters['3']['mt_allow_pings'])) {
$deft_trackbacks = $parameters['3']['mt_allow_pings'] == 1 ? 'y' : 'n';
}
if (isset($parameters['3']['categories']) && sizeof($parameters['3']['categories']) > 0) {
$cats = array();
foreach ($parameters['3']['categories'] as $cat) {
if (trim($cat) != '') {
$cats[] = $cat;
}
}
if (sizeof($cats) == 0 && !empty($deft_category)) {
$cats = array($deft_category);
}
if (sizeof($cats) > 0) {
$this->check_categories(array_unique($cats));
}
} elseif (!empty($deft_category)) {
$this->check_categories(array($deft_category));
}
if (!empty($parameters['3']['dateCreated'])) {
$entry_date = $this->iso8601_decode($parameters['3']['dateCreated']);
} else {
$entry_date = $LOC->now;
}
/** ---------------------------------------
/** URL Title Unique?
/** ---------------------------------------*/
$url_title = $REGX->create_url_title($this->title, TRUE);
$sql = "SELECT count(*) AS count \n\t\t\t\tFROM exp_weblog_titles \n\t\t\t\tWHERE url_title = '" . $DB->escape_str($url_title) . "' \n\t\t\t\tAND weblog_id = '{$this->weblog_id}'";
$results = $DB->query($sql);
// Already have default title
if ($results->row['count'] > 0) {
// Give it a moblog title
$inbetween = $PREFS->ini('word_separator') == 'dash' ? '-' : '_';
$url_title .= $inbetween . 'api';
/** ---------------------------------------
/** Multiple Title Find
/** ---------------------------------------*/
$sql = "SELECT count(*) AS count \n\t\t\t\t\tFROM exp_weblog_titles \n\t\t\t\t\tWHERE url_title LIKE '" . $DB->escape_like_str($url_title) . "%' \n\t\t\t\t\tAND weblog_id = '{$this->weblog_id}'";
$results = $DB->query($sql);
$url_title .= $results->row['count'] + 1;
}
/** ---------------------------------
/** Build our query string
/** --------------------------------*/
$metadata = array('entry_id' => '', 'weblog_id' => $this->weblog_id, 'author_id' => $this->userdata['member_id'], 'title' => $this->title, 'url_title' => $url_title, 'ip_address' => $IN->IP, 'entry_date' => $entry_date, 'edit_date' => gmdate("YmdHis", $entry_date), 'year' => gmdate('Y', $entry_date), 'month' => gmdate('m', $entry_date), 'day' => gmdate('d', $entry_date), 'status' => $this->status, 'allow_comments' => $deft_comments, 'allow_trackbacks' => $deft_trackbacks);
/** ---------------------------------------
/** Parse Weblog Field Data
/** ---------------------------------------*/
$entry_data = array('weblog_id' => $this->weblog_id);
// Default formatting for all of the weblog's fields...
foreach ($this->fields as $field_id => $field_data) {
$entry_data['field_ft_' . $field_id] = $field_data['1'];
}
$convert_breaks = !isset($parameters['3']['mt_convert_breaks']) ? '' : $parameters['3']['mt_convert_breaks'];
if ($convert_breaks != '') {
$plugins = $this->fetch_plugins();
if (!in_array($convert_breaks, $plugins)) {
$convert_breaks = '';
}
}
if (isset($this->fields[$this->excerpt_field])) {
if (isset($entry_data['field_id_' . $this->excerpt_field])) {
$entry_data['field_id_' . $this->excerpt_field] .= $this->field_data['excerpt'];
} else {
$entry_data['field_id_' . $this->excerpt_field] = $this->field_data['excerpt'];
}
$entry_data['field_ft_' . $this->excerpt_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->excerpt_field]['1'];
}
if (isset($this->fields[$this->content_field])) {
if (isset($entry_data['field_id_' . $this->content_field])) {
$entry_data['field_id_' . $this->content_field] .= $this->field_data['content'];
} else {
$entry_data['field_id_' . $this->content_field] = $this->field_data['content'];
}
$entry_data['field_ft_' . $this->content_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->content_field]['1'];
}
if (isset($this->fields[$this->more_field])) {
if (isset($entry_data['field_id_' . $this->more_field])) {
$entry_data['field_id_' . $this->more_field] .= $this->field_data['more'];
} else {
$entry_data['field_id_' . $this->more_field] = $this->field_data['more'];
}
$entry_data['field_ft_' . $this->more_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->more_field]['1'];
}
if (isset($this->fields[$this->keywords_field])) {
if (isset($entry_data['field_id_' . $this->keywords_field])) {
$entry_data['field_id_' . $this->keywords_field] .= $this->field_data['keywords'];
} else {
$entry_data['field_id_' . $this->keywords_field] = $this->field_data['keywords'];
}
$entry_data['field_ft_' . $this->keywords_field] = $convert_breaks != '' ? $convert_breaks : $this->fields[$this->keywords_field]['1'];
}
/** ---------------------------------
/** DST Setting
/** ---------------------------------*/
if ($PREFS->ini('honor_entry_dst') == 'y') {
$metadata['dst_enabled'] = $PREFS->ini('daylight_savings') == 'y' ? 'y' : 'n';
}
/** ---------------------------------
/** Insert the entry data
/** ---------------------------------*/
$metadata['site_id'] = $this->site_id;
$DB->query($DB->insert_string('exp_weblog_titles', $metadata));
$entry_data['entry_id'] = $DB->insert_id;
$entry_data['site_id'] = $this->site_id;
$DB->query($DB->insert_string('exp_weblog_data', $entry_data));
/** ---------------------------------
/** Insert Categories, if any
/** ---------------------------------*/
if (sizeof($this->categories) > 0) {
foreach ($this->categories as $catid => $cat_name) {
$DB->query("INSERT INTO exp_category_posts \n \t\t\t\t\t(entry_id, cat_id) \n \t\t\t\t\tVALUES \n \t\t\t\t\t('" . $entry_data['entry_id'] . "', '{$catid}')");
}
}
/** ------------------------------------
/** Send Pings - So Many Conditions...
/** ------------------------------------*/
if (trim($ping_urls) != '' && $trackback_system_enabled == 'y' && isset($entry_data['field_id_' . $trackback_field]) && $entry_data['field_id_' . $trackback_field] != '' && $metadata['status'] != 'closed' && $entry_date < $LOC->now + 90) {
$entry_link = $REGX->prep_query_string($tb_return_url == '' ? $blog_url : $tb_return_url);
$entry_link = $FNS->remove_double_slashes($entry_link . '/' . $metadata['url_title'] . '/');
$tb_data = array('entry_id' => $entry_data['entry_id'], 'entry_link' => $FNS->remove_double_slashes($entry_link), 'entry_title' => $metadata['title'], 'entry_content' => $entry_data['field_id_' . $trackback_field], 'tb_format' => $entry_data['field_ft_' . $trackback_field], 'weblog_name' => $blog_title, 'trackback_url' => str_replace("\n", ',', $ping_urls));
require PATH_MOD . 'trackback/mcp.trackback' . EXT;
$TB = new Trackback_CP();
$tb_res = $TB->send_trackback($tb_data);
/** ---------------------------------------
/** Update the "sent_trackbacks" field
/** ---------------------------------------*/
// Fetch the URLs that were sent successfully and update the DB
if (count($tb_res['0']) > 0) {
foreach ($tb_res['0'] as $val) {
$sent_trackbacks .= $val . "\n";
}
$DB->query("UPDATE exp_weblog_titles SET sent_trackbacks = '{$sent_trackbacks}' WHERE entry_id = '" . $entry_data['entry_id'] . "'");
}
$tb_errors = count($tb_res['1']) > 0 ? TRUE : FALSE;
}
/** ----------------------------
/** Send admin notification
/** ----------------------------*/
if ($notify_address != '') {
$swap = array('name' => $this->userdata['screen_name'], 'email' => $this->userdata['email'], 'weblog_name' => $blog_title, 'entry_title' => $metadata['title'], 'entry_url' => $FNS->remove_double_slashes($blog_url . '/' . $metadata['url_title'] . '/'), 'comment_url' => $FNS->remove_double_slashes($comment_url . '/' . $metadata['url_title'] . '/'));
$template = $FNS->fetch_email_template('admin_notify_entry');
$email_tit = $FNS->var_swap($template['title'], $swap);
$email_msg = $FNS->var_swap($template['data'], $swap);
// We don't want to send a notification if the person
// leaving the entry is in the notification list
$notify_address = str_replace($this->userdata['email'], "", $notify_address);
$notify_address = $REGX->remove_extra_commas($notify_address);
if ($notify_address != '') {
/** ----------------------------
/** Send email
/** ----------------------------*/
if (!class_exists('EEmail')) {
require PATH_CORE . 'core.email' . EXT;
}
$email = new EEmail();
foreach (explode(',', $notify_address) as $addy) {
$email->initialize();
$email->wordwrap = false;
$email->from($PREFS->ini('webmaster_email'), $PREFS->ini('webmaster_name'));
$email->to($addy);
$email->reply_to($PREFS->ini('webmaster_email'));
$email->subject($email_tit);
$email->message($REGX->entities_to_ascii($email_msg));
$email->Send();
}
}
}
/** ---------------------------------
/** Clear caches if needed
/** ---------------------------------*/
if ($PREFS->ini('new_posts_clear_caches') == 'y') {
$FNS->clear_caching('all');
} else {
$FNS->clear_caching('sql');
}
/** ---------------------------------
/** Update Those Sexy Stats, Baby!
/** ---------------------------------*/
$STAT->update_weblog_stats($this->weblog_id);
$query = $DB->query("SELECT total_entries FROM exp_members WHERE member_id = '" . $this->userdata['member_id'] . "'");
$total_entries = $query->row['total_entries'] + 1;
$DB->query("UPDATE exp_members set total_entries = '{$total_entries}', last_entry_date = '{$entry_date}' WHERE member_id = '" . $this->userdata['member_id'] . "'");
/** ---------------------------------
/** Return Entry ID of new entry
/** ---------------------------------*/
return new XML_RPC_Response(new XML_RPC_Values($entry_data['entry_id'], 'string'));
}