Ejemplo n.º 1
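/**
 * Show the front-end form used to submit a new post or to edit an existing one.
 *
 * Only logged-in users who are registered editors, or site administrators,
 * get past the first two checks. In edit mode the post ID is read from
 * $_GET['id'] and the caller must be the post's author or an administrator.
 * Every failed check redirects and ends the request.
 *
 * The form template is included at the end of this function, so it runs in
 * this function's scope and reads the local variables prepared here; their
 * names are therefore part of the template contract.
 *
 * @param int $edit Non-zero to edit an existing post instead of creating one.
 */
function mw_post_form($edit = 0)
{
    global $xoopsConfig, $xoopsUser, $xoopsSecurity;
    if (!$xoopsUser) {
        redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
        die;
    }
    // Check if user is a editor
    $author = new MWEditor();
    if (!$author->from_user($xoopsUser->uid()) && !$xoopsUser->isAdmin()) {
        redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
        die;
    }
    RMTemplate::get()->add_script(RMCURL . '/include/js/jquery.min.js');
    RMTemplate::get()->add_script(RMCURL . '/include/js/jquery-ui.min.js');
    if ($edit) {
        // The ID comes from the query string: accept only a numeric value and
        // force it to an integer before it is used to load a post.
        $id = rmc_server_var($_GET, 'id', 0);
        $id = is_numeric($id) ? (int) $id : 0;
        if ($id <= 0) {
            // Same (url, delay, message) argument order as every other
            // redirect_header() call in this function.
            redirect_header(MWFunctions::get_url(), 1, __('Please, specify a valid post ID', 'mywords'));
            die;
        }
        $post = new MWPost($id);
        if ($post->isNew()) {
            redirect_header(MWFunctions::get_url(), 1, __('Specified post does not exists!', 'mywords'));
            die;
        }
        // Check if user is the admin or the editor of this post
        if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
            redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
            die;
        }
    }
    // Read privileges. An administrator who is not an editor reaches this point
    // with an editor object that was never loaded, hence the fallback to an
    // empty list when no array comes back.
    $perms = @$author->getVar('privileges');
    $perms = is_array($perms) ? $perms : array();
    $is_admin = (bool) $xoopsUser->isAdmin();
    // Strict matching: a loose in_array() can treat a stored non-string value
    // (for example integer 0 on older PHP versions) as equal to any
    // privilege name.
    $allowed_tracks = $is_admin || in_array('tracks', $perms, true);
    $allowed_tags = $is_admin || in_array('tags', $perms, true);
    $allowed_cats = $is_admin || in_array('cats', $perms, true);
    $allowed_comms = $is_admin || in_array('comms', $perms, true);
    $xoopsOption['module_subpage'] = 'submit';
    include 'header.php';
    $form = new RMForm('', '', '');
    $editor = new RMFormEditor('', 'content', '99%', '300px', $edit ? $post->getVar('content') : '');
    $meta_names = MWFunctions::get()->get_metas();
    RMTemplate::get()->add_xoops_style('submit.css', 'mywords');
    RMTemplate::get()->add_script(XOOPS_URL . '/modules/mywords/include/js/scripts.php?file=posts.js&front=1');
    include RMTemplate::get()->get_template('mywords_submit_form.php', 'module', 'mywords');
    include 'footer.php';
}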
Ejemplo n.º 2
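/**
 * Add a new editor to the database, or update an existing one.
 *
 * All values are read from $_POST. The request is rejected unless
 * $xoopsSecurity->check() passes, a display name is given, a positive user ID
 * is given, and that user is not already registered as another editor.
 * Every outcome ends with a redirect back to editors.php.
 *
 * @param bool $edit True to update the editor whose ID arrives in $_POST['id'].
 */
function save_editor($edit = false)
{
    global $xoopsConfig, $xoopsSecurity;
    // $page is only echoed back into the redirect URLs below; keeping it an
    // integer stops arbitrary request text from being appended to them.
    $page = (int) rmc_server_var($_POST, 'page', 1);
    $back = 'editors.php?page=' . $page;
    if (!$xoopsSecurity->check()) {
        redirectMsg($back, __('Operation not allowed!', 'mywords'), 1);
        die;
    }
    if ($edit) {
        $id = rmc_server_var($_POST, 'id', 0);
        $id = is_numeric($id) ? (int) $id : 0;
        if ($id <= 0) {
            redirectMsg($back, __('Editor ID has not been provided!', 'mywords'), 1);
            die;
        }
        $editor = new MWEditor($id);
        if ($editor->isNew()) {
            redirectMsg($back, __('Editor has not been found!', 'mywords'), 1);
            die;
        }
    } else {
        $editor = new MWEditor();
    }
    $name = rmc_server_var($_POST, 'name', '');
    $bio = rmc_server_var($_POST, 'bio', '');
    // The user ID is concatenated into the SQL text further down, so it must
    // be a plain integer no matter what the form sent.
    $uid = rmc_server_var($_POST, 'new_user', 0);
    $uid = is_numeric($uid) ? (int) $uid : 0;
    $perms = rmc_server_var($_POST, 'perms', array());
    if (!is_array($perms)) {
        // Privileges are stored and later read back as a list.
        $perms = array();
    }
    $short = rmc_server_var($_POST, 'short', '');
    if (trim($name) == '') {
        redirectMsg($back, __('You must provide a display name for this editor!', 'mywords'), 1);
        die;
    }
    if ($uid <= 0) {
        redirectMsg($back, __('You must specify a registered user ID for this editor!', 'mywords'), 1);
        die;
    }
    // Check if the XOOPS user is already registered as an editor
    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $sql = "SELECT COUNT(*) FROM " . $db->prefix("mw_editors") . " WHERE uid={$uid}";
    if ($edit) {
        // Leave the record being edited out of the duplicate check.
        $sql .= " AND id_editor<>" . (int) $editor->id();
    }
    list($num) = $db->fetchRow($db->query($sql));
    if ($num > 0) {
        redirectMsg($back, __('This user has been registered as editor before.', 'mywords'), 1);
        die;
    }
    $editor->setVar('name', $name);
    $editor->setVar('shortname', TextCleaner::sweetstring($short != '' ? $short : $name));
    $editor->setVar('bio', $bio);
    $editor->setVar('uid', $uid);
    $editor->setVar('privileges', $perms);
    if (!$editor->save()) {
        redirectMsg($back, __('Errors occurs while trying to save editor data', 'mywords') . '<br />' . $editor->errors(), 1);
        die;
    }
    redirectMsg($back, __('Database updated succesfully!', 'mywords'), 0);
    die;
}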
Ejemplo n.º 3
             $image = '';
         }
         $item['description'] = XoopsLocal::convert_encoding(htmlspecialchars($image . $post->content(true), ENT_QUOTES));
         $item['pubdate'] = formatTimestamp($post->getVar('pubdate'), 'rss');
         $item['guid'] = $post->permalink();
         $rss_items[] = $item;
     }
     break;
 case 'author':
     // Feed of the posts written by a single editor.
     include_once XOOPS_ROOT_PATH . '/modules/mywords/class/mweditor.class.php';
     // The editor ID is requested as an 'integer' with 0 as the default, so a
     // missing value falls into the guard below.
     $id = RMHttpRequest::get('author', 'integer', 0);
     if ($id <= 0) {
         redirect_header('backend.php', 1, __('Sorry, specified author was not foud!', 'mywords'));
         die;
     }
     $ed = new MWEditor($id);
     if ($ed->isNew()) {
         redirect_header('backend.php', 1, __('Sorry, specified author was not foud!', 'mywords'));
         die;
     }
     // Channel title: the display name, or the short name when no display name is set.
     // NOTE(review): the name and the site name are inserted without escaping in this
     // fragment; confirm that the feed template escapes the title.
     $rss_channel['title'] = sprintf(__('Posts by %s in %s', 'mywords'), $ed->name != '' ? $ed->name : $ed->shortname, $xoopsConfig['sitename']);
     $rss_channel['link'] = $ed->permalink();
     // Only the bio goes through strip_tags() and htmlspecialchars(); the editor name
     // in the first part of the description is concatenated as stored.
     $rss_channel['description'] = sprintf(__('Posts published by %s.', 'mywords'), $ed->getVar('name')) . ' ' . htmlspecialchars(strip_tags($ed->getVar('bio')), ENT_QUOTES);
     $rss_channel['lastbuild'] = formatTimestamp(time(), 'rss');
     // Both contact fields are filled from the site's admin mail setting.
     $rss_channel['webmaster'] = checkEmail($xoopsConfig['adminmail'], true);
     $rss_channel['editor'] = checkEmail($xoopsConfig['adminmail'], true);
     $rss_channel['category'] = "Blog";
     $rss_channel['generator'] = 'Common Utilities';
     $rss_channel['language'] = RMCLANG;
     // The filter is a text condition built from the uid of the editor record loaded
     // above; at most 10 posts are requested, starting at offset 0.
     $posts = MWFunctions::get_filtered_posts("author=" . $ed->uid, 0, 10);
     $rss_items = array();
Ejemplo n.º 4
 /**
  * Tell whether a user ID belongs to a registered editor.
  *
  * @param int $uid User ID to look up; zero or negative values never match.
  * @return bool True when the MWEditor object is no longer "new" after
  *              from_user() has been called with that ID.
  */
 public function is_editor($uid = 0)
 {
     // Guard first: an ID that is not positive is never looked up.
     if ($uid <= 0) {
         return false;
     }
     $candidate = new MWEditor();
     $candidate->from_user($uid);
     $still_new = $candidate->isNew();
     return !$still_new;
 }
Ejemplo n.º 5
// Trackback receiver. The response is XML and the header is sent before XOOPS
// is bootstrapped.
header('Content-Type: text/xml');
require '../../mainfile.php';
load_mod_locale('mywords');
global $xoopsLogger;
// Logger rendering and PHP error reporting are switched off, presumably so that
// no debug output is mixed into the XML response.
$xoopsLogger->renderingEnabled = false;
error_reporting(0);
$xoopsLogger->activated = false;
// ID of the post that receives the trackback, read from $_REQUEST.
// NOTE(review): no login or token check is visible in this fragment, which is
// usual for a trackback endpoint; any spam or rate limiting has to happen
// elsewhere, confirm that it does.
$id = rmc_server_var($_REQUEST, 'trackback', 0);
if ($id <= 0) {
    die;
}
$post = new MWPost($id);
if ($post->isNew()) {
    die;
}
$editor = new MWEditor($post->getVar('author'));
if ($editor->isNew()) {
    // Fallback lookup of the author as a XOOPS user. $user is not used again in
    // the lines shown here: the MWTrackback below still takes the name from $editor.
    $user = new XoopsUser($post->getVar('author'));
}
$track = new MWTrackback($xoopsConfig['sitename'], $editor->getVar('name'));
// The id of the item being trackbacked (replaces the request value read above)
$id = $track->post_id;
// The URL from which we got the trackback
$url = $track->url;
// Subject/title sent by the trackback
$title = $track->title;
// Short text sent by the trackback
$excerpt = $track->excerpt;
// Name of the remote blog, taken directly from the POST body.
$blog_name = rmc_server_var($_POST, 'blog_name', '');
if ($url == '' || $title == '' || $excerpt == '') {
    echo $track->recieve(false, __('Sorry, your trackback seems to be invalid!', 'mywords'));
Ejemplo n.º 6
// Stop here unless the post's own access check lets the current visitor read it.
if (!$post->user_allowed()) {
    redirect_header(MWFunctions::get_url(), 2, __('Sorry, you are not allowed to view this post', 'mywords'));
    die;
}
// Check if post belong to some category
// A post without categories is saved again through update(), so viewing such a
// post triggers a write.
if (count($post->get_categos()) <= 0) {
    $post->update();
}
# Build the links (day, month and year of the publication date)
$day = date('d', $post->getVar('pubdate'));
$month = date('m', $post->getVar('pubdate'));
$year = date('Y', $post->getVar('pubdate'));
// Page number as sent in the request; it is not cast or validated here.
$page = isset($_REQUEST['page']) ? $_REQUEST['page'] : 0;
# Build the link for the author
$editor = new MWEditor($post->getVar('author'));
# "Continue reading" text
// NOTE(review): the title is assigned as returned by getVar(); whether it is
// escaped before it reaches the page title is not visible here.
$xoopsTpl->assign('xoops_pagetitle', $post->getVar('title'));
# Load the comments of the article
if ($page <= 0) {
    $path = explode("/", $request);
    $srh = array_search('page', $path);
    if (isset($path[$srh]) && $path[$srh] == 'page') {
        if (!isset($path[$srh])) {
            $page = 1;
        } else {
            $page = $path[$srh + 1];
        }
    } else {
        $page = 1;
    }
Ejemplo n.º 7
// Blogging System
// Author: Eduardo Cortés <*****@*****.**>
// Email: i.bitcero@gmail.com
// License: GPL 2.0
// --------------------------------------------------------------
require '../../mainfile.php';
global $xoopsUser, $xoopsOption, $xoopsModuleConfig, $xoopsConfig, $rmTpl, $xoopsSecurity;
// Front-end submission can be switched off in the module configuration.
// NOTE(review): unlike the redirects below, this branch has no die after it;
// confirm that redirect_with_message() ends the request itself.
if (!$xoopsModuleConfig['submit']) {
    RMUris::redirect_with_message(__('Posts submission is currently disabled', 'mywords'), XOOPS_URL, RMMSG_INFO);
}
// Anonymous visitors cannot submit posts.
if (!$xoopsUser) {
    redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
    die;
}
// Check if user is a editor
// Users who are neither a registered editor nor an administrator are turned away.
$author = new MWEditor();
if (!$author->from_user($xoopsUser->uid()) && !$xoopsUser->isAdmin()) {
    redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
    die;
}
RMTemplate::get()->add_jquery();
// $edit is not set anywhere in this fragment; it defaults to 0 (new post).
// NOTE(review): presumably the including script defines it; confirm that it
// cannot be set directly from request data.
$edit = isset($edit) ? $edit : 0;
if ($edit > 0) {
    $id = $edit;
    if ($id <= 0) {
        redirect_header(MWFunctions::get_url(), __('Please, specify a valid post ID', 'mywords'), 1);
        die;
    }
    $post = new MWPost($id);
    if ($post->isNew()) {
        redirect_header(MWFunctions::get_url(), __('Specified post does not exists!', 'mywords'), 1);
Ejemplo n.º 8
    $post->assignVars($row);
    $drafts[] = $post;
}
// The eight most recent posts whose status is 'waiting', newest first.
// The query text is built only from the table prefix and constants.
$pendings = array();
$result = $db->query("SELECT * FROM " . $db->prefix("mod_mywords_posts") . " WHERE status='waiting' ORDER BY id_post DESC LIMIT 0,8");
while ($row = $db->fetchArray($result)) {
    $post = new MWPost();
    $post->assignVars($row);
    $pendings[] = $post;
}
// Editors
// The five editors with the most posts; the subquery counts the posts whose
// author column equals the editor ID.
$sql = "SELECT *, (SELECT COUNT(*) FROM " . $db->prefix("mod_mywords_posts") . " WHERE author=id_editor) as counter FROM " . $db->prefix("mod_mywords_editors") . " ORDER BY counter DESC LIMIT 0, 5";
$result = $db->query($sql);
$editors = array();
while ($row = $db->fetchArray($result)) {
    $editor = new MWEditor();
    $editor->assignVars($row);
    // Keep only the fields collected here: id, name, permalink and post count.
    $editors[] = array('id' => $editor->id(), 'name' => $editor->getVar('name'), 'link' => $editor->permalink(), 'total' => $row['counter']);
}
// Drop the temporaries so they do not leak into the code that follows.
unset($editor, $result, $sql);
// URL rewriting
$rule = "RewriteRule ^" . trim($xoopsModuleConfig['basepath'], '/') . "/?(.*)\$ modules/mywords/index.php [L]";
if ($xoopsModuleConfig['permalinks'] > 1) {
    $ht = new RMHtaccess('mywords');
    $htResult = $ht->write($rule);
    if ($htResult !== true) {
        showMessage(__('An error ocurred while trying to write .htaccess file!', 'mywords'), RMMSG_ERROR);
    }
} else {
    $ht = new RMHtaccess('mywords');
    $ht->removeRule();
Ejemplo n.º 9
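 /**
  * Fetch editors from the mod_mywords_editors table as MWEditor objects.
  *
  * $where and $sort are inserted into the SQL text exactly as given. They
  * cannot be escaped here without changing their meaning, so callers must
  * build them only from constants or from values they have already
  * validated, never from raw request data.
  *
  * @param int    $start Offset of the first row (forced to a non-negative integer).
  * @param int    $limit Maximum number of rows (forced to a non-negative integer).
  * @param string $where Optional SQL condition, without the WHERE keyword.
  * @param string $sort  Optional ORDER BY expression; empty for no ordering.
  * @param string $order 'ASC', 'DESC' or empty; anything else falls back to 'ASC'.
  * @return array List of MWEditor objects; empty when the query fails or finds nothing.
  */
 public static function get_editors($start, $limit, $where = '', $sort = 'name', $order = 'ASC')
 {
     $db = XoopsDatabaseFactory::getDatabaseConnection();
     // LIMIT only accepts integers; casting keeps stray text out of the query.
     $start = max(0, (int) $start);
     $limit = max(0, (int) $limit);
     // A sort direction has only two valid spellings.
     $order = strtoupper(trim((string) $order));
     if ($order !== '' && $order !== 'ASC' && $order !== 'DESC') {
         $order = 'ASC';
     }
     $sql = "SELECT * FROM " . $db->prefix("mod_mywords_editors");
     if ($where != '') {
         $sql .= " WHERE {$where}";
     }
     if ($sort != '') {
         $sql .= " ORDER BY {$sort} {$order}";
     }
     $sql .= " LIMIT {$start}, {$limit}";
     $editors = array();
     $result = $db->query($sql);
     if (!$result) {
         // A failed query yields no rows instead of an error inside the loop.
         return $editors;
     }
     while ($row = $db->fetchArray($result)) {
         $editor = new MWEditor();
         $editor->assignVars($row);
         $editors[] = $editor;
     }
     return $editors;
 }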
Ejemplo n.º 10
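 /**
  * Determines if current or given user can read this post.
  *
  * The author of the post can always read it. Everybody else can read it only
  * when it is published and either public, or unlocked with the post
  * password. The password is taken from $_POST['password'] or, when that is
  * empty, from the value remembered in the session after an earlier
  * successful check.
  *
  * @param int|null $uid User ID to test for ownership instead of the logged-in
  *                      user's ID. It is only consulted when a user is logged in.
  * @return bool
  */
 public function user_allowed($uid = null)
 {
     global $xoopsUser;
     if (!$xoopsUser) {
         $owner = false;
     } else {
         $user = $uid != null ? $uid : $xoopsUser->uid();
         $editor = new MWEditor($this->getVar('author'));
         $owner = $user == $editor->getVar('uid');
     }
     if ($owner) {
         return true;
     }
     if ($this->getVar('status') != 'publish') {
         return false;
     }
     $visibility = $this->getVar('visibility');
     if ($visibility == 'public') {
         return true;
     }
     if ($visibility != 'password') {
         return false;
     }
     $session_key = 'password-' . $this->id();
     $pass = rmc_server_var($_POST, 'password', '');
     if ($pass == '' && isset($_SESSION[$session_key])) {
         $pass = $_SESSION[$session_key];
     }
     // A form field can arrive as an array; that is never a valid password.
     if (!is_scalar($pass)) {
         return false;
     }
     $pass = (string) $pass;
     if ($pass === '') {
         return false;
     }
     // Compare as strings. A loose != treats two different numeric-looking
     // strings (for example "0e1" and "0e2") as equal, which would accept a
     // wrong password. hash_equals() also avoids leaking, through timing, how
     // much of the value matched.
     // NOTE(review): the stored value is compared as-is with the submitted
     // text, which suggests post passwords are kept unhashed; confirm.
     $stored = (string) $this->getVar('password');
     $matches = function_exists('hash_equals') ? hash_equals($stored, $pass) : $stored === $pass;
     if (!$matches) {
         return false;
     }
     // Remember the accepted password so later requests in this session pass.
     $_SESSION[$session_key] = $pass;
     return true;
 }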
Ejemplo n.º 11
}
// Categories
// Fall back to the module's default category when none was submitted.
// ($categories, $visibility, $vis_password, $schedule, $title, $shortname and
// $content are not defined in this fragment.)
if (!isset($categories) || empty($categories)) {
    $categories = array(MWFunctions::get()->default_category_id());
}
// Check publish options
// A password-protected post must come with a password.
if ($visibility == 'password' && $vis_password == '') {
    return_error(__('You must provide a password for this post or select another visibility option', 'mywords'), true);
    die;
}
// $schedule is split on '-' and read as day-month-year-hour-minute, matching the
// mktime(hour, minute, second, month, day, year) argument order.
// NOTE(review): nothing checks that all five parts are present or numeric
// before they are passed to mktime().
$time = explode("-", $schedule);
$schedule = mktime($time[3], $time[4], 0, $time[1], $time[0], $time[2]);
// A date that is not in the future means "do not schedule".
if ($schedule <= time()) {
    $schedule = 0;
}
// Load the editor record of the logged-in user; the second argument 'user'
// presumably selects a lookup by XOOPS user ID (confirm against MWEditor).
$editor = new MWEditor($xoopsUser->uid(), 'user');
if ($editor->isNew()) {
    // No record yet: create one from the XOOPS profile, flagged as not active.
    $editor->setVar('uid', $xoopsUser->uid());
    $editor->setVar('shortname', $xoopsUser->getVar('uname'));
    $editor->setVar('name', $xoopsUser->getVar('name'));
    $editor->setVar('bio', $xoopsUser->getVar('bio'));
    $editor->setVar('active', 0);
    $editor->save();
}
// Add Data
$post->setVar('title', $title);
$post->setVar('shortname', $shortname);
$post->setVar('content', $content);
if ($editor->isNew() && !$xoopsUser->isAdmin()) {
    $status = 'pending';
} else {
Ejemplo n.º 12
global $xoopsLogger;
// Logger rendering and PHP error reporting are switched off, presumably so that
// nothing but the script's own response is sent back.
$xoopsLogger->renderingEnabled = false;
error_reporting(0);
$xoopsLogger->activated = false;
// NOTE(review): extract() copies every POST field into a local variable and, with
// its default flags, overwrites variables that already exist. Nothing visible here
// sets $author, $op or $id, so they presumably come from the request body, and
// names such as $xoopsUser could be replaced the same way. Reading the expected
// keys from $_POST one by one (or extract() with EXTR_SKIP) would avoid that.
extract($_POST);
// NOTE(review): the token and referer check below is commented out, so nothing in
// this fragment ties the request to a form issued by this site.
/*if(!$xoopsSecurity->check() || !$xoopsSecurity->checkReferer()){
    $ret = array(
        'error'=>__('You are not allowed to do this operation!','mywords')
    );
    echo json_encode($ret);
    die();
}*/
// isset() only rejects a variable that is missing or null. Other scripts on this
// page detect guests with `!$xoopsUser`; confirm that an anonymous $xoopsUser is
// null here. Also confirm that return_error() ends the request, because no die
// follows this call or the next one.
if (!isset($xoopsUser)) {
    return_error(__('You are not allowed to do this action!', 'mywords'), false, MW_URL);
}
// The editor record is looked up for $author, not for the logged-in user.
// NOTE(review): if $author is taken from the request, the permission check below
// is not bound to the session; compare against $xoopsUser->uid() instead.
$editor = new MWEditor();
$editor->from_user($author);
if ($editor->isNew() && !$xoopsUser->isAdmin()) {
    return_error(__('You are not allowed to do this action!', 'mywords'), false, MW_URL);
}
if ($op == 'saveedit') {
    // Editing requires the ID of an existing post.
    if (!isset($id) || $id <= 0) {
        return_error(__('You must provide a valid post ID', 'mywords'), 0, 'posts.php');
        die;
    }
    $post = new MWPost($id);
    if ($post->isNew()) {
        return_error(__('You must provide an existing post ID', 'mywords'), 0, 'posts.php');
        die;
    }
    // NOTE(review): `!` binds tighter than `==`, so this compares the negated
    // editor ID (a boolean) with the author value instead of testing that they
    // differ. The intended ownership check is presumably
    // `$editor->id() != $post->getVar('author')`.
    if (!$editor->id() == $post->getVar('author') && !$xoopsUser->isAdmin()) {
Ejemplo n.º 13
* This file execute the pings for a given post
*/
require '../../mainfile.php';
global $xoopsLogger;
// Logger rendering and PHP error reporting are switched off for this request.
$xoopsLogger->renderingEnabled = false;
error_reporting(0);
$xoopsLogger->activated = false;
// ID of the post whose pending pings are sent, read from the query string.
// NOTE(review): no login or token check is visible in this fragment, so any
// visitor who knows a post ID appears able to start the outgoing pings for it;
// confirm whether access is restricted elsewhere.
$id = rmc_server_var($_GET, 'post', 0);
if ($id <= 0) {
    die;
}
$post = new MWPost($id);
if ($post->isNew()) {
    die;
}
// Author name: the editor record if there is one, else the XOOPS user.
$editor = new MWEditor($post->getVar('author'));
if ($editor->isNew()) {
    $user = new XoopsUser($post->getVar('author'));
}
// Nothing to do when the post has no addresses left to ping.
$tracks = $post->getVar('toping');
if (empty($tracks)) {
    die;
}
// 'pinged' is read next to 'toping'; the loop after this block skips the
// entries that are already in $pinged.
$pinged = $post->getVar('pinged');
$toping = $post->getVar('toping');
$tp = array();
$tback = new MWTrackback($xoopsModuleConfig['blogname'], $editor->isNew() ? $user->getVar('uname') : $editor->getVar('name'));
foreach ($tracks as $t) {
    if (!empty($pinged) && in_array($t, $pinged)) {
        continue;
    }
Ejemplo n.º 14
// Blogging System
// Author: Eduardo Cortés <*****@*****.**>
// Email: i.bitcero@gmail.com
// License: GPL 2.0
// --------------------------------------------------------------
$xoopsOption['template_main'] = 'mywords_author.html';
$xoopsOption['module_subpage'] = 'author';
include 'header.php';
// $editor, $db and $request are not defined in this fragment; presumably the
// including script or header.php sets them.
if (!is_numeric($editor)) {
    // A non-numeric value is treated as the editor's short name and resolved to an ID.
    // NOTE(review): $editor is placed inside the quoted SQL literal as-is. If it can
    // carry request text (for example a URL segment), it has to be escaped first,
    // e.g. with $db->quoteString(), or limited to the characters a short name may
    // contain.
    $sql = "SELECT id_editor FROM " . $db->prefix("mw_editors") . " WHERE shortname='{$editor}'";
    list($editor) = $db->fetchRow($db->query($sql));
    if ($editor == '') {
        // No match: fall through to the "unknown editor" redirect below.
        $editor = 0;
    }
}
$ed = new MWEditor($editor);
if ($ed->isNew()) {
    redirect_header(MWFunctions::get_url(), 2, __('Sorry, We don\'t know to this editor', 'admin_mywords'));
    die;
}
// Page number as sent in the request; it is not cast or validated here.
$page = isset($_REQUEST['page']) ? $_REQUEST['page'] : 0;
if ($page <= 0) {
    $path = explode("/", $request);
    $srh = array_search('page', $path);
    if (isset($path[$srh]) && $path[$srh] == 'page') {
        if (!isset($path[$srh])) {
            $page = 0;
        } else {
            $page = $path[$srh + 1];
        }
    }
Ejemplo n.º 15
// Blogging System
// Author: Eduardo Cortés <*****@*****.**>
// Email: i.bitcero@gmail.com
// License: GPL 2.0
// --------------------------------------------------------------
$xoopsOption['template_main'] = 'mywords-author.tpl';
$xoopsOption['module_subpage'] = 'author';
include 'header.php';
// $editor, $db and $request are not defined in this fragment; presumably the
// including script or header.php sets them.
if (!is_numeric($editor)) {
    // A non-numeric value is treated as the editor's short name and resolved to an ID.
    // NOTE(review): $editor is placed inside the quoted SQL literal as-is. If it can
    // carry request text (for example a URL segment), it has to be escaped first,
    // e.g. with $db->quoteString(), or limited to the characters a short name may
    // contain.
    $sql = "SELECT id_editor FROM " . $db->prefix("mod_mywords_editors") . " WHERE shortname='{$editor}'";
    list($editor) = $db->fetchRow($db->query($sql));
    if ($editor == '') {
        // No match: fall through to the 404 response below.
        $editor = 0;
    }
}
$ed = new MWEditor($editor);
if ($ed->isNew()) {
    $params = array('page' => 'author');
    RMFunctions::error_404(__('Sorry, we don\'t know this editor', 'admin_mywords'), 'mywords', $params);
    die;
}
// The editor's e-mail address is handed to the template together with the public
// fields. NOTE(review): confirm that the template does not print it to visitors.
$xoopsTpl->assign('editor', array('id' => $ed->id(), 'uid' => $ed->uid, 'name' => $ed->name, 'email' => $ed->data('email'), 'uname' => $ed->uname));
// Page number as sent in the request; it is not cast or validated here.
$page = isset($_REQUEST['page']) ? $_REQUEST['page'] : 0;
if ($page <= 0) {
    $path = explode("/", $request);
    $srh = array_search('page', $path);
    if (isset($path[$srh]) && $path[$srh] == 'page') {
        if (!isset($path[$srh])) {
            $page = 0;
        } else {
            $page = $path[$srh + 1];
Ejemplo n.º 16
// Stop here unless the post's own access check lets the current visitor read it.
if (!$post->user_allowed()) {
    redirect_header(MWFunctions::get_url(), 2, __('Sorry, you are not allowed to view this post', 'mywords'));
    die;
}
// Check if post belong to some category
// A post without categories is saved again through update(), so viewing such a
// post triggers a write.
if (count($post->get_categos()) <= 0) {
    $post->update();
}
# Build the links (day, month and year of the publication date)
$day = date('d', $post->getVar('pubdate'));
$month = date('m', $post->getVar('pubdate'));
$year = date('Y', $post->getVar('pubdate'));
// Page number as sent in the request; it is not cast or validated here.
$page = isset($_REQUEST['page']) ? $_REQUEST['page'] : 0;
# Load the author's data
$editor = new MWEditor($post->getVar('author'), 'user');
if ($editor->isNew()) {
    // The author has no editor record yet: one is created on the fly from the
    // XOOPS user data.
    // NOTE(review): this runs while a visitor is viewing the post and saves a
    // record that carries the 'tags', 'tracks' and 'comms' privileges; confirm
    // that granting them implicitly here is intended.
    if ($xoopsUser && $xoopsUser->uid() == $post->author) {
        $user = $xoopsUser;
    } else {
        $user = new RMUser($post->author);
    }
    $editor->uid = $user->uid();
    $editor->name = $user->getVar('name');
    $editor->shortname = $user->getVar('uname');
    $editor->privileges = array('tags', 'tracks', 'comms');
    $editor->save();
}
# "Continue reading" text
// The page title prefers the post's custom title and falls back to its title.
$xoopsTpl->assign('xoops_pagetitle', $post->getVar('customtitle') != '' ? $post->getVar('customtitle') : $post->getVar('title'));
# Load the comments of the article