function mw_post_form($edit = 0)
{
global $xoopsConfig, $xoopsUser, $xoopsSecurity;
if (!$xoopsUser) {
redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
// Check if user is a editor
$author = new MWEditor();
if (!$author->from_user($xoopsUser->uid()) && !$xoopsUser->isAdmin()) {
redirect_header(MWFunctions::get_url(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
RMTemplate::get()->add_script(RMCURL . '/include/js/jquery.min.js');
RMTemplate::get()->add_script(RMCURL . '/include/js/jquery-ui.min.js');
if ($edit) {
$id = rmc_server_var($_GET, 'id', 0);
if ($id <= 0) {
redirect_header(MWFunctions::get_url(), __('Please, specify a valid post ID', 'mywords'), 1);
die;
}
$post = new MWPost($id);
if ($post->isNew()) {
redirect_header(MWFunctions::get_url(), __('Specified post does not exists!', 'mywords'), 1);
die;
}
// Check if user is the admin or a editor of this this post
if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
}
// Read privileges
$perms = @$author->getVar('privileges');
$perms = is_array($perms) ? $perms : array();
$allowed_tracks = in_array("tracks", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_tags = in_array("tags", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_cats = in_array("cats", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_comms = in_array("comms", $perms) || $xoopsUser->isAdmin() ? true : false;
$xoopsOption['module_subpage'] = 'submit';
include 'header.php';
$form = new RMForm('', '', '');
$editor = new RMFormEditor('', 'content', '99%', '300px', $edit ? $post->getVar('content') : '');
$meta_names = MWFunctions::get()->get_metas();
RMTemplate::get()->add_xoops_style('submit.css', 'mywords');
RMTemplate::get()->add_script(XOOPS_URL . '/modules/mywords/include/js/scripts.php?file=posts.js&front=1');
include RMTemplate::get()->get_template('mywords_submit_form.php', 'module', 'mywords');
include 'footer.php';
}
/**
* Agregamos nuevos editores a la base de datos
*/
function save_editor($edit = false)
{
global $xoopsConfig, $xoopsSecurity;
$page = rmc_server_var($_POST, 'page', 1);
if (!$xoopsSecurity->check()) {
redirectMsg('editors.php?page=' . $page, __('Operation not allowed!', 'mywords'), 1);
die;
}
if ($edit) {
$id = rmc_server_var($_POST, 'id', 0);
if ($id <= 0) {
redirectMsg('editors.php?page=' . $page, __('Editor ID has not been provided!', 'mywords'), 1);
die;
}
$editor = new MWEditor($id);
if ($editor->isNew()) {
redirectMsg('editors.php?page=' . $page, __('Editor has not been found!', 'mywords'), 1);
die;
}
} else {
$editor = new MWEditor();
}
$name = rmc_server_var($_POST, 'name', '');
$bio = rmc_server_var($_POST, 'bio', '');
$uid = rmc_server_var($_POST, 'new_user', 0);
$perms = rmc_server_var($_POST, 'perms', array());
$short = rmc_server_var($_POST, 'short', '');
if (trim($name) == '') {
redirectMsg('editors.php?page=' . $page, __('You must provide a display name for this editor!', 'mywords'), 1);
die;
}
if ($uid <= 0) {
redirectMsg('editors.php?page=' . $page, __('You must specify a registered user ID for this editor!', 'mywords'), 1);
die;
}
// Check if XoopsUser is already register
$db = XoopsDatabaseFactory::getDatabaseConnection();
$sql = "SELECT COUNT(*) FROM " . $db->prefix("mw_editors") . " WHERE uid={$uid}";
if ($edit) {
$sql .= " AND id_editor<>" . $editor->id();
}
list($num) = $db->fetchRow($db->query($sql));
if ($num > 0) {
redirectMsg('editors.php?page=' . $page, __('This user has been registered as editor before.', 'mywords'), 1);
die;
}
$editor->setVar('name', $name);
$editor->setVar('shortname', TextCleaner::sweetstring($short != '' ? $short : $name));
$editor->setVar('bio', $bio);
$editor->setVar('uid', $uid);
$editor->setVar('privileges', $perms);
if (!$editor->save()) {
redirectMsg('editors.php?page=' . $page, __('Errors occurs while trying to save editor data', 'mywords') . '<br />' . $editor->errors(), 1);
die;
} else {
redirectMsg('editors.php?page=' . $page, __('Database updated succesfully!', 'mywords'), 0);
die;
}
}
}
$pendings = array();
$result = $db->query("SELECT * FROM " . $db->prefix("mod_mywords_posts") . " WHERE status='waiting' ORDER BY id_post DESC LIMIT 0,8");
while ($row = $db->fetchArray($result)) {
$post = new MWPost();
$post->assignVars($row);
$pendings[] = $post;
}
// Editors
$sql = "SELECT *, (SELECT COUNT(*) FROM " . $db->prefix("mod_mywords_posts") . " WHERE author=id_editor) as counter FROM " . $db->prefix("mod_mywords_editors") . " ORDER BY counter DESC LIMIT 0, 5";
$result = $db->query($sql);
$editors = array();
while ($row = $db->fetchArray($result)) {
$editor = new MWEditor();
$editor->assignVars($row);
$editors[] = array('id' => $editor->id(), 'name' => $editor->getVar('name'), 'link' => $editor->permalink(), 'total' => $row['counter']);
}
unset($editor, $result, $sql);
// URL rewriting
$rule = "RewriteRule ^" . trim($xoopsModuleConfig['basepath'], '/') . "/?(.*)\$ modules/mywords/index.php [L]";
if ($xoopsModuleConfig['permalinks'] > 1) {
$ht = new RMHtaccess('mywords');
$htResult = $ht->write($rule);
if ($htResult !== true) {
showMessage(__('An error ocurred while trying to write .htaccess file!', 'mywords'), RMMSG_ERROR);
}
} else {
$ht = new RMHtaccess('mywords');
$ht->removeRule();
$ht->write();
}
}
RMTemplate::get()->add_jquery();
$edit = isset($edit) ? $edit : 0;
if ($edit > 0) {
$id = $edit;
if ($id <= 0) {
redirect_header(MWFunctions::get_url(), __('Please, specify a valid post ID', 'mywords'), 1);
die;
}
$post = new MWPost($id);
if ($post->isNew()) {
redirect_header(MWFunctions::get_url(), __('Specified post does not exists!', 'mywords'), 1);
die;
}
// Check if user is the admin or a editor of this this post
if ($author->id() != $post->getVar('author') && !$xoopsUser->isAdmin()) {
redirect_header($post->permalink(), 1, __('You are not allowed to do this action!', 'mywords'));
die;
}
} else {
$post = new MWPost();
}
// Read privileges
$perms = @$author->getVar('privileges');
$perms = is_array($perms) ? $perms : array();
$allowed_tracks = in_array("tracks", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_tags = in_array("tags", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_cats = in_array("cats", $perms) || $xoopsUser->isAdmin() ? true : false;
$allowed_comms = in_array("comms", $perms) || $xoopsUser->isAdmin() ? true : false;
$xoopsOption['module_subpage'] = 'submit';
include 'header.php';
if ($editor->isNew() && !$xoopsUser->isAdmin()) {
$status = 'pending';
} else {
if ($xoopsUser->isAdmin()) {
$status = $status;
} elseif ($mc->approve && $editor->active) {
$status = $status;
} else {
$status = 'pending';
}
}
$post->setVar('status', $status);
$post->setVar('visibility', $visibility);
$post->setVar('schedule', $schedule);
$post->setVar('password', $vis_password);
$post->setVar('author', $editor->id());
$post->setVar('comstatus', isset($comstatus) ? $comstatus : 0);
$post->setVar('pingstatus', isset($pingstatus) ? $pingstatus : 0);
$post->setVar('authorname', $editor->name != '' ? $editor->name : $editor->shortname);
$post->setVar('image', $image);
$post->setVar('format', $format);
// SEO
$post->setVar('description', $description);
$post->setVar('keywords', $keywords);
$post->setVar('customtitle', $seotitle);
if ($edit) {
$post->setVar('modified', time());
}
if ($post->isNew()) {
$post->setVar('created', time());
}
/**
* Funciones para el control de lecturas
*/
public function add_read()
{
global $xoopsUser;
$editor = new MWEditor($this->getVar('author'));
if ($xoopsUser && $editor->id() == $xoopsUser->uid()) {
return;
}
$this->setVar('reads', $this->getVar('reads') + 1);
$this->db->queryF("UPDATE " . $this->db->prefix("mw_posts") . " SET `reads`='" . $this->getVar('reads') . "' \n\t\t\t\tWHERE id_post='" . $this->id() . "'");
}
$editor = new MWEditor();
$editor->from_user($author);
if ($editor->isNew() && !$xoopsUser->isAdmin()) {
return_error(__('You are not allowed to do this action!', 'mywords'), false, MW_URL);
}
if ($op == 'saveedit') {
if (!isset($id) || $id <= 0) {
return_error(__('You must provide a valid post ID', 'mywords'), 0, 'posts.php');
die;
}
$post = new MWPost($id);
if ($post->isNew()) {
return_error(__('You must provide an existing post ID', 'mywords'), 0, 'posts.php');
die;
}
if (!$editor->id() == $post->getVar('author') && !$xoopsUser->isAdmin()) {
return_error(__('You are not allowed to do this action!', 'mywords'), false, MW_URL);
}
$query = 'op=edit&id=' . $id;
$edit = true;
} else {
$query = 'op=new';
$post = new MWPost();
$edit = false;
}
/**
* @todo Insert code to verify token
*/
// Verify title
if ($title == '') {
return_error(__('You must provide a title for this post', 'mywords'), true);
$xoopsOption['module_subpage'] = 'author';
include 'header.php';
if (!is_numeric($editor)) {
$sql = "SELECT id_editor FROM " . $db->prefix("mod_mywords_editors") . " WHERE shortname='{$editor}'";
list($editor) = $db->fetchRow($db->query($sql));
if ($editor == '') {
$editor = 0;
}
}
$ed = new MWEditor($editor);
if ($ed->isNew()) {
$params = array('page' => 'author');
RMFunctions::error_404(__('Sorry, we don\'t know this editor', 'admin_mywords'), 'mywords', $params);
die;
}
$xoopsTpl->assign('editor', array('id' => $ed->id(), 'uid' => $ed->uid, 'name' => $ed->name, 'email' => $ed->data('email'), 'uname' => $ed->uname));
$page = isset($_REQUEST['page']) ? $_REQUEST['page'] : 0;
if ($page <= 0) {
$path = explode("/", $request);
$srh = array_search('page', $path);
if (isset($path[$srh]) && $path[$srh] == 'page') {
if (!isset($path[$srh])) {
$page = 0;
} else {
$page = $path[$srh + 1];
}
}
}
$request = substr($request, 0, strpos($request, 'page') > 0 ? strpos($request, 'page') - 1 : strlen($request));
/**
* Paginamos los resultados
}
$xoopsTpl->assign('shownav', $xoopsModuleConfig['shownav']);
if ($xoopsUser && ($xoopsUser->isAdmin() || $editor->getVar('uid') == $xoopsUser->uid())) {
$editLink = XOOPS_URL . '/modules/mywords/admin/posts.php?op=edit&id=' . $post->id();
$xoopsTpl->assign('can_edit', true);
$xoopsTpl->assign('edit_link', $editLink);
unset($editLink);
}
$xoopsTpl->assign('lang_reads', sprintf(__('%u views', 'mywords'), $post->getVar('reads')));
// Post pages
$total_pages = $post->total_pages();
$nav = new RMPageNav($total_pages, 1, $page, 5);
$nav->target_url($post->permalink() . ($mc['permalinks'] > 1 ? 'page/{PAGE_NUM}/' : '&page={PAGE_NUM}'));
$xoopsTpl->assign('post_navbar', $nav->render(true));
// Post data
$post_arr = array('id' => $post->id(), 'title' => $post->getVar('title'), 'published' => sprintf(__('%s by %s', 'mywords'), MWFunctions::format_time($post->getVar('pubdate')) . ' ' . date('H:i', $post->getVar('pubdate')), '<a href="' . $editor->permalink() . '">' . (isset($editor) ? $editor->getVar('name') : __('Anonymous', 'mywords')) . "</a>"), 'text' => $post->content(false, $page), 'cats' => $post->get_categos('data'), 'tags' => $post->tags(false), 'trackback' => $post->getVar('pingstatus') ? MWFunctions::get_url(true) . $post->id() : '', 'meta' => $post->get_meta('', false), 'time' => $post->getVar('pubdate'), 'image' => $post->image(), 'video' => $post->video, 'player' => $post->video != '' ? $post->video_player() : '', 'author' => array('name' => $editor->getVar('name') != '' ? $editor->name : $editor->shortname, 'id' => $editor->id(), 'link' => $editor->permalink(), 'bio' => $editor->getVar('bio'), 'email' => $editor->data('email'), 'uid' => $editor->uid, 'url' => $editor->data('url')), 'alink' => $editor->permalink(), 'format' => $post->format, 'comments' => $post->comments, 'comments_enabled' => $post->comstatus);
$xoopsTpl->assign('full_post', 1);
$xoopsTpl->assign('lang_editpost', __('Edit Post', 'mywords'));
$xoopsTpl->assign('lang_postedin', __('Posted in:', 'mywords'));
$xoopsTpl->assign('lang_taggedas', __('Tagged as:', 'mywords'));
$xoopsTpl->assign('enable_images', $xoopsModuleConfig['list_post_imgs']);
// Plugins?
$post_arr = RMEvents::get()->run_event('mywords.view.post', $post_arr, $post);
$xoopsTpl->assign('post', $post_arr);
// Related posts
if ($xoopsModuleConfig['related']) {
$rtags = $post->tags();
$tt = array();
foreach ($rtags as $tag) {
$tt[] = $tag['id_tag'];
}
