Example #1
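 /**
  * Build a single fake post from the current request and load it as the preview item.
  *
  * Nothing is written to a table: the request values are turned into a SELECT of
  * literals stored in $this->sql, which is run through DataObjectList2::query() and
  * instantiated through $this->Cache. Returns without doing anything when no user
  * is logged in.
  *
  * NOTE(review): 'preview_userid' comes from the request and becomes the creator and
  * last editor of the fake row. Nothing visible here ties it to $current_User, and no
  * blog or category permission is checked in this method. Confirm that the caller
  * enforces this, and that rendering does not derive permissions from the preview
  * item's creator.
  */
 function preview_from_request()
 {
     global $current_User;
     if (empty($current_User)) {
         // dh> only logged in users can preview. Alternatively we need those checks where $current_User gets used below.
         return;
     }
     global $DB, $localtimenow, $Messages, $BlogCache;
     global $Plugins;
     // The blog setting decides which param() format the title and content are read with.
     // NOTE(review): presumably 'html' sanitizes and 'htmlspecialchars' encodes; confirm in param().
     $text_format = $this->Blog->get_setting('allow_html_post') ? 'html' : 'htmlspecialchars';
     $preview_userid = param('preview_userid', 'integer', true);
     $post_status = param('post_status', 'string', true);
     $post_locale = param('post_locale', 'string', $current_User->locale);
     $content = param('content', $text_format, true);
     $post_title = param('post_title', $text_format, true);
     $post_titletag = param('titletag', 'string', true);
     $post_excerpt = param('post_excerpt', 'string', true);
     $post_url = param('post_url', 'string', '');
     check_categories_nosave($post_category, $post_extracats);
     $post_views = param('post_views', 'integer', 0);
     $renderers = param('renderers', 'array/string', array('default'));
     if (!is_array($renderers)) {
         // dh> workaround for param() bug. See rev 1.93 of /inc/_misc/_misc.funcs.php
         $renderers = array('default');
     }
     if ($post_category == 0) {
         $post_category = $this->Blog->get_default_cat_ID();
     }
     $comment_Blog =& $BlogCache->get_by_ID(get_catblog($post_category));
     if ($comment_Blog->get_setting('allow_comments') != 'never' && $comment_Blog->get_setting('disable_comments_bypost')) {
         // param is required
         $post_comment_status = param('post_comment_status', 'string', true);
     } else {
         $post_comment_status = $comment_Blog->get_setting('allow_comments');
     }
     // Get issue date, using the user's locale (because it's entered like this in the form):
     locale_temp_switch($current_User->locale);
     param_date('item_issue_date', T_('Please enter a valid issue date.'), false);
     // TODO: dh> get_param() is always true here, also on invalid dates:
     if (strlen(get_param('item_issue_date'))) {
         // only set it, if a date was given:
         param_time('item_issue_time');
         $item_issue_date = form_date(get_param('item_issue_date'), get_param('item_issue_time'));
         // TODO: cleanup...
     } else {
         $item_issue_date = date('Y-m-d H:i:s', $localtimenow);
     }
     locale_restore_previous();
     $item_typ_ID = param('item_typ_ID', 'integer', NULL);
     $item_st_ID = param('item_st_ID', 'integer', NULL);
     $item_assigned_user_ID = param('item_assigned_user_ID', 'integer', NULL);
     $item_deadline = param('item_deadline', 'string', NULL);
     $item_priority = param('item_priority', 'integer', NULL);
     // QUESTION: can this be also empty/NULL?
     // Do some optional filtering on the content
     // Typically stuff that will help the content to validate
     // Useful for code display.
     // Will probably be used for validation also.
     $Plugins_admin =& get_Plugins_admin();
     $params = array('object_type' => 'Item', 'object_Blog' => &$comment_Blog);
     $Plugins_admin->filter_contents($post_title, $content, $renderers, $params);
     $post_title = format_to_post($post_title);
     $content = format_to_post($content);
     $post_ID = param('post_ID', 'integer', 0);

     // Every request-derived value is escaped, quoted or cast before it reaches the
     // statement. The issue date is quoted here rather than interpolated because the
     // TODO above says an invalid date can still get this far. The numeric columns
     // are cast so the query does not depend on param() having returned an integer.
     $issue_date_sql = $DB->quote($item_issue_date);
     $creator_sql = intval($preview_userid);
     $columns = array(
         intval($post_ID) . ' AS post_ID',
         $creator_sql . ' AS post_creator_user_ID',
         $creator_sql . ' AS post_lastedit_user_ID',
         $issue_date_sql . ' AS post_datestart',
         $issue_date_sql . ' AS post_datecreated',
         $issue_date_sql . ' AS post_datemodified',
         $issue_date_sql . ' AS post_last_touched_ts',
         '0 AS post_dateset',
         "'" . $DB->escape($post_status) . "' AS post_status",
         "'" . $DB->escape($post_locale) . "' AS post_locale",
         "'" . $DB->escape($content) . "' AS post_content",
         "'" . $DB->escape($post_title) . "' AS post_title",
         "'" . $DB->escape($post_titletag) . "' AS post_titletag",
         "'" . $DB->escape($post_excerpt) . "' AS post_excerpt",
         'NULL AS post_excerpt_autogenerated',
         'NULL AS post_urltitle',
         'NULL AS post_canonical_slug_ID',
         'NULL AS post_tiny_slug_ID',
         "'" . $DB->escape($post_url) . "' AS post_url",
         intval($post_category) . ' AS post_main_cat_ID',
         intval($post_views) . ' AS post_views',
         "'' AS post_flags",
         "'noreq' AS post_notifications_status",
         'NULL AS post_notifications_ctsk_ID',
         intval(bpost_count_words($content)) . ' AS post_wordcount',
         $DB->quote($post_comment_status) . ' AS post_comment_status',
         "'" . $DB->escape(implode('.', $renderers)) . "' AS post_renderers",
         $DB->quote($item_assigned_user_ID) . ' AS post_assigned_user_ID',
         $DB->quote($item_typ_ID) . ' AS post_ptyp_ID',
         $DB->quote($item_st_ID) . ' AS post_pst_ID',
         $DB->quote($item_deadline) . ' AS post_datedeadline',
         $DB->quote($item_priority) . ' AS post_priority',
         $DB->quote(param('item_order', 'double', NULL)) . ' AS post_order',
         $DB->quote(param('item_featured', 'integer', NULL)) . ' AS post_featured',
     );
     $this->sql = "SELECT\n\t\t\t" . implode(",\n\t\t\t", $columns) . "\n";
     $this->total_rows = 1;
     $this->total_pages = 1;
     $this->page = 1;
     // ATTENTION: we skip the parent on purpose here!! fp> refactor
     DataObjectList2::query(false, false, false, 'PREVIEW QUERY');
     $Item =& $this->Cache->instantiate($this->rows[0]);
     // set Item settings
     $Item->set_setting('hide_teaser', param('item_hideteaser', 'integer', 0));
     $Item->set_setting('post_metadesc', param('metadesc', 'string', true));
     $Item->set_setting('post_custom_headers', param('custom_headers', 'string', true));
     // set custom Item settings
     foreach (array('double', 'varchar') as $type) {
         $count_custom_field = $comment_Blog->get_setting('count_custom_' . $type);
         $param_type = $type == 'varchar' ? 'string' : $type;
         for ($i = 1; $i <= $count_custom_field; $i++) {
             // For each custom field of this type:
             $field_guid = $comment_Blog->get_setting('custom_' . $type . $i);
             $Item->set_setting('custom_' . $type . '_' . $field_guid, param('item_' . $type . '_' . $field_guid, $param_type, NULL));
         }
     }
     // Trigger plugin event, allowing to manipulate or validate the item before it gets previewed
     $Plugins->trigger_event('AppendItemPreviewTransact', array('Item' => &$Item));
     if ($Messages->has_errors()) {
         $errcontent = $Messages->display(T_('Invalid post, please correct these errors:'), '', false);
         $Item->content = $errcontent . "\n<hr />\n" . $content;
     }
     // little funky fix for IEwin, rawk on that code
     global $Hit;
     // $IEWin_bookmarklet_fix is neither declared global nor assigned in this method,
     // so the isset() test is always false here and only is_winIE() decides.
     if ($Hit->is_winIE() && !isset($IEWin_bookmarklet_fix)) {
         // QUESTION: Is this still needed? What about $IEWin_bookmarklet_fix? (blueyed)
         // Turn %uXXXX escapes into numeric character references. This uses a callback
         // instead of the /e modifier, which evaluates the replacement as PHP code and
         // no longer exists in PHP 7+. The closure needs PHP 5.3 or later.
         $Item->content = preg_replace_callback(
             '/\\%u([0-9A-F]{4,4})/',
             function ($match) {
                 return '&#' . base_convert($match[1], 16, 10) . ';';
             },
             $Item->content
         );
     }
 }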
Example #2
 case 'edit_switchtab':
     // This action is set by JS when the editor switches tabs. It sits between
     // "new" and "edit": the item already exists, but the form is refilled from
     // the request rather than from the DB.
     // Check permission based on DB status. This runs before any request value
     // overwrites the item, so the check is made against the stored status.
     // NOTE(review): the third argument presumably makes check_perm() halt on failure; confirm.
     $current_User->check_perm('item_post!CURSTATUS', 'edit', true, $edited_Item);
     // Requested status from the form: 'published' or 'draft' or ...
     $edited_Item->status = param('post_status', 'string', NULL);
     // We know we can use at least one status,
     // but we need to make sure the requested/default one is ok:
     $edited_Item->status = $Blog->get_allowed_item_status($edited_Item->status);
     // We use the request variables to fill the edit form, because we need to be able to pass those values
     // from tab to tab via javascript when the editor wants to switch views...
     // (load_from_Request() needs the Blog to be set.)
     $edited_Item->load_from_Request(true);
     // Check if new category was started to create. If yes then set up parameters for next page
     check_categories_nosave($post_category, $post_extracats);
     $edited_Item->set('main_cat_ID', $post_category);
     if ($edited_Item->main_cat_ID && get_allow_cross_posting() < 2 && $edited_Item->get_blog_ID() != $blog) {
         // the main cat is not in the list of categories; this happens, if the user switches blogs during editing:
         $edited_Item->set('main_cat_ID', $Blog->get_default_cat_ID());
     }
     $post_extracats = param('post_extracats', 'array/integer', $post_extracats);
     // Read for its side effect only; the return value is not used here.
     param('item_tags', 'string', '');
     // Trackback addresses (never saved into item)
     param('trackback_url', 'string', '');
     // Page title:
     // NOTE(review): the blog name is inserted into the title as-is; confirm that
     // title_titlearea is escaped where it is rendered.
     $AdminUI->title_titlearea = sprintf(T_('Editing post #%d: %s'), $edited_Item->ID, $Blog->get('name'));
     $AdminUI->breadcrumbpath_add(sprintf(T_('Post #%s'), $edited_Item->ID), '?ctrl=items&amp;blog=' . $Blog->ID . '&amp;p=' . $edited_Item->ID);
     $AdminUI->breadcrumbpath_add(T_('Edit'), '?ctrl=items&amp;action=edit&amp;blog=' . $Blog->ID . '&amp;p=' . $edited_Item->ID);
     // Params we need for tab switching:
     $tab_switch_params = 'p=' . $edited_Item->ID;
Example #3
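/**
 * Resolve the main and extra categories submitted with a post, creating a new
 * category when the form asked for one.
 *
 * If the "new category" radio is checked, the new category is created and becomes the main category.
 * If the "new category" checkbox is checked, the new category is created and added to the extra categories.
 *
 * Called during post creation or post update. Both arguments are overwritten
 * from the request ('post_category', 'post_extracats') on entry.
 *
 * NOTE(review): this function checks the 'blog_cats' permission before creating a
 * category, but nothing visible here checks that the current user may post into
 * the blogs of the categories selected in the request. Confirm that the caller does.
 *
 * @param integer Post main category ID (by reference).
 * @param array Post extra category IDs (by reference).
 * @return boolean true if no new category was needed or it was created successfully;
 *                 false if the user may not create categories, no name was given for
 *                 a new main category, or the insert failed.
 */
function check_categories(&$post_category, &$post_extracats)
{
    $post_category = param('post_category', 'integer', -1);
    $post_extracats = param('post_extracats', 'array/integer', array());
    global $Messages, $Blog, $blog;
    load_class('chapters/model/_chaptercache.class.php', 'ChapterCache');
    $GenericCategoryCache =& get_ChapterCache();

    if ($post_category == -1) {
        // No main category was selected in the form.
        if (count($post_extracats) == 0) {
            // No extra category either: fall back to the blog default.
            $post_category = $Blog->get_default_cat_ID();
        } elseif (get_allow_cross_posting() >= 2) {
            // Moving posts between blogs is allowed: the first selected extra cat becomes
            // the main cat. reset() is used instead of [0] in case the submitted array is
            // not indexed from 0; a missing [0] would yield NULL and wrongly enter the
            // "new category" branch below.
            $post_category = reset($post_extracats);
        } else {
            // Moving posts between blogs is not allowed: we need a main cat from $blog.
            foreach ($post_extracats as $cat) {
                if (get_catblog($cat) == $blog) {
                    // First extra cat that belongs to $blog becomes the main cat.
                    $post_category = $cat;
                    break;
                }
            }
            if ($post_category == -1) {
                // None of the selected cats belongs to $blog: use the default.
                $post_category = $Blog->get_default_cat_ID();
            }
        }
        if ($post_category) {
            // Main cat is not a new category and has been autoselected: tell the user.
            // NOTE(review): the category and blog names go into the message unescaped; the
            // 'warning' built further down embeds an <a> tag, so messages appear to be
            // rendered as HTML. Confirm the names are sanitized when stored.
            $GenericCategory =& $GenericCategoryCache->get_by_ID($post_category);
            $post_category_Blog = $GenericCategory->get_Blog();
            $Messages->add(sprintf(T_('The main category for this post has been automatically set to "%s" (Blog "%s")'), $GenericCategory->get_name(), $post_category_Blog->get('name')), 'warning');
        }
    }

    if (!$post_category || in_array(0, $post_extracats)) {
        // A category ID of 0 (main or extra) means "create a new category".
        global $current_User;
        if (!$current_User->check_perm('blog_cats', '', false, $Blog->ID)) {
            // Current user cannot add categories for this blog.
            // NOTE(review): the permission is checked on $Blog->ID while the category is
            // created in $blog below; confirm both always refer to the same blog.
            check_categories_nosave($post_category, $post_extracats);
            // set up the category parameters
            $Messages->add(T_('You are not allowed to create a new category.'), 'error');
            return false;
        }
        $category_name = param('category_name', 'string', true);
        if ($category_name == '') {
            // Remember this before check_categories_nosave() overwrites $post_category.
            $show_error = !$post_category;
            check_categories_nosave($post_category, $post_extracats);
            // set up the category parameters
            if ($show_error) {
                // new main category without name => error message
                $Messages->add(T_('Please provide a name for new category.'), 'error');
                return false;
            }
            return true;
        }
        // create new category object
        $new_GenericCategory =& $GenericCategoryCache->new_obj(NULL, $blog);
        $new_GenericCategory->set('name', $category_name);
        if ($new_GenericCategory->dbinsert() === false) {
            $Messages->add(T_('New category creation failed.'), 'error');
            return false;
        }
        $Messages->add(T_('New category created.'), 'success');
        if (!$post_category) {
            // set the new ID
            $post_category = $new_GenericCategory->ID;
        }
        // Swap the "new category" placeholder (0) in the extra cats for the new ID.
        // array_search() returns false when nothing matches and may return key 0 on a
        // match, so the result is compared with !== false instead of being tested for
        // truthiness. This also avoids reading $post_extracats[0] when it does not exist.
        $extracat_key = array_search('0', $post_extracats);
        if ($extracat_key !== false) {
            unset($post_extracats[$extracat_key]);
            $post_extracats[] = $new_GenericCategory->ID;
        }
        $GenericCategoryCache->add($new_GenericCategory);
    }

    if (get_allow_cross_posting() == 2) {
        // Extra cats in different blogs is disabled, check selected extra cats
        $post_category_blog = get_catblog($post_category);
        $ignored_names = array();
        foreach ($post_extracats as $key => $cat) {
            if (get_catblog($cat) != $post_category_blog) {
                // this cat is not from the main category's blog, it has to be ignored
                $GenericCategory =& $GenericCategoryCache->get_by_ID($cat);
                $ignored_names[] = $GenericCategory->get_name();
                unset($post_extracats[$key]);
            }
        }
        $ignored_cats = implode(', ', $ignored_names);
        if ($ignored_cats !== '') {
            // ignore list is not empty
            global $current_User, $admin_url;
            if ($current_User->check_perm('options', 'view', false)) {
                // Only users who can view the options get a link to the setting.
                $cross_posting_text = '<a href="' . $admin_url . '?ctrl=features">' . T_('cross-posting is disabled') . '</a>';
            } else {
                $cross_posting_text = T_('cross-posting is disabled');
            }
            // NOTE(review): category names are placed next to raw HTML in this message; see the note above.
            $Messages->add(sprintf(T_('The category selection "%s" was ignored since %s'), $ignored_cats, $cross_posting_text), 'warning');
        }
    }

    // make sure main cat is in extracat list and there are no duplicates
    $post_extracats[] = $post_category;
    $post_extracats = array_unique($post_extracats);
    return true;
}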