Example #1
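/**
 * Saves an edited article submitted from the article form.
 *
 * Reads the submitted fields named in the global $vars, checks the current
 * user's privileges against the stored article, rejects the save when the
 * stored LastMod differs from the value the form carried, and then writes
 * the row with safe_update(). Every exit path re-renders the edit screen
 * through article_edit().
 */
function article_save()
{
    global $txp_user, $vars, $txpcfg, $prefs;
    // NOTE(review): extract() overwrites existing locals by default, so every
    // key of $prefs (and of the form data extracted further down) becomes a
    // local variable of this function.
    extract($prefs);
    $incoming = psa($vars);
    // AuthorID is selected from the stored row so that the ownership test
    // below does not depend on a value sent with the form.
    $oldArticle = safe_row('Status, AuthorID, url_title, Title, unix_timestamp(LastMod) as sLastMod, LastModID', 'textpattern', 'ID = ' . (int) $incoming['ID']);

    // Authorisation: published articles (Status >= 4) and unpublished ones
    // have separate privileges, each with an "own article only" variant.
    // Ownership is decided from the database, never from $incoming.
    $wasPublished = $oldArticle['Status'] >= 4;
    $isOwner = $oldArticle['AuthorID'] == $txp_user;
    if ($wasPublished) {
        $mayEdit = has_privs('article.edit.published') || ($isOwner && has_privs('article.edit.own.published'));
    } else {
        $mayEdit = has_privs('article.edit') || ($isOwner && has_privs('article.edit.own'));
    }
    if (!$mayEdit) {
        // Not allowed, you silly rabbit, you shouldn't even be here.
        // Show default editing screen.
        article_edit();
        return;
    }

    // Optimistic concurrency check: the form carries the LastMod timestamp it
    // was rendered with; a mismatch means the row changed in the meantime.
    if ($oldArticle['sLastMod'] != $incoming['sLastMod']) {
        article_edit(gTxt('concurrent_edit_by', array('{author}' => htmlspecialchars($oldArticle['LastModID']))), TRUE);
        return;
    }

    $incoming = textile_main_fields($incoming, $use_textile);
    // String fields are escaped with doSlash() before they become locals;
    // the SQL below interpolates them inside single quotes.
    extract(doSlash($incoming));
    // Fields interpolated WITHOUT quotes must be integers.
    extract(array_map('assert_int', psa(array('ID', 'Status', 'textile_body', 'textile_excerpt'))));
    $Annotate = (int) $Annotate;

    // Users without the publish privilege cannot raise an article to a
    // published status; it is stored with status 3 instead.
    if (!has_privs('article.publish') && $Status >= 4) {
        $Status = 3;
    }

    if ($reset_time) {
        $whenposted = "Posted=now()";
        $when_ts = time();
    } else {
        // NOTE(review): strtotime() returns false for an unparsable date and
        // that case is not handled here; the value stays numeric either way.
        $when = $when_ts = strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second) - tz_offset();
        $whenposted = "Posted=from_unixtime({$when})";
    }

    if (empty($exp_year)) {
        $expires = 0;
        $whenexpires = "Expires=" . NULLDATETIME;
    } else {
        // Missing expiry components default to the start of the period.
        if (empty($exp_month)) {
            $exp_month = 1;
        }
        if (empty($exp_day)) {
            $exp_day = 1;
        }
        if (empty($exp_hour)) {
            $exp_hour = 0;
        }
        if (empty($exp_minute)) {
            $exp_minute = 0;
        }
        if (empty($exp_second)) {
            $exp_second = 0;
        }
        $expires = strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second) - tz_offset();
        $whenexpires = "Expires=from_unixtime({$expires})";
    }

    // An expiry at or before the posting time is rejected.
    if ($expires) {
        if ($expires <= $when_ts) {
            article_edit(gTxt('article_expires_before_postdate'));
            return;
        }
    }

    //Auto-Update custom-titles according to Title, as long as unpublished and NOT customized
    if (empty($url_title) || $oldArticle['Status'] < 4 && $oldArticle['url_title'] == $url_title && $oldArticle['url_title'] == stripSpace($oldArticle['Title'], 1) && $oldArticle['Title'] != $Title) {
        $url_title = stripSpace($Title_plain, 1);
    }

    // Collapse runs of spaces, turn newlines/tabs/commas into single commas,
    // trim the ends, then escape for the query.
    $Keywords = doSlash(trim(preg_replace('/( ?[\\r\\n\\t,])+ ?/s', ',', preg_replace('/ +/', ' ', ps('Keywords'))), ', '));

    // The user name is interpolated into the query as well, so it gets the
    // same escaping as the form fields.
    $user = doSlash($txp_user);

    // Every value below is either doSlash()-escaped and quoted, or an
    // integer/timestamp expression built above.
    safe_update("textpattern", "Title           = '{$Title}',\n\t\t\tBody            = '{$Body}',\n\t\t\tBody_html       = '{$Body_html}',\n\t\t\tExcerpt         = '{$Excerpt}',\n\t\t\tExcerpt_html    = '{$Excerpt_html}',\n\t\t\tKeywords        = '{$Keywords}',\n\t\t\tImage           = '{$Image}',\n\t\t\tStatus          =  {$Status},\n\t\t\tLastMod         =  now(),\n\t\t\tLastModID       = '{$user}',\n\t\t\tSection         = '{$Section}',\n\t\t\tCategory1       = '{$Category1}',\n\t\t\tCategory2       = '{$Category2}',\n\t\t\tAnnotate        =  {$Annotate},\n\t\t\ttextile_body    =  {$textile_body},\n\t\t\ttextile_excerpt =  {$textile_excerpt},\n\t\t\toverride_form   = '{$override_form}',\n\t\t\turl_title       = '{$url_title}',\n\t\t\tAnnotateInvite  = '{$AnnotateInvite}',\n\t\t\tcustom_1        = '{$custom_1}',\n\t\t\tcustom_2        = '{$custom_2}',\n\t\t\tcustom_3        = '{$custom_3}',\n\t\t\tcustom_4        = '{$custom_4}',\n\t\t\tcustom_5        = '{$custom_5}',\n\t\t\tcustom_6        = '{$custom_6}',\n\t\t\tcustom_7        = '{$custom_7}',\n\t\t\tcustom_8        = '{$custom_8}',\n\t\t\tcustom_9        = '{$custom_9}',\n\t\t\tcustom_10       = '{$custom_10}',\n\t\t\t{$whenposted},\n\t\t\t{$whenexpires}", "ID = {$ID}");

    if ($Status >= 4) {
        // Pings are sent only on the transition to a published status.
        if ($oldArticle['Status'] < 4) {
            do_pings();
        }
        update_lastmod();
    }
    article_edit(get_status_message($Status) . check_url_title($url_title));
}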
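/**
 * Creates a new product row in the `textpattern` table from the submitted
 * form, stores its custom fields, attaches an uploaded image when one was
 * sent, and re-renders the product edit screen.
 *
 * Nothing is inserted unless at least one of Title, Body or Excerpt is
 * non-empty.
 */
function product_post()
{
    global $txp_user, $vars, $txpcfg, $prefs;
    // NOTE(review): extract() overwrites existing locals by default, so every
    // key of $prefs (and of the form data extracted below) becomes a local
    // variable of this function.
    extract($prefs);
    // define() on an already-defined constant raises a notice; guard it so a
    // second call in the same request stays quiet.
    if (!defined('IMPATH')) {
        define("IMPATH", $path_to_site . '/' . $img_dir . '/');
    }
    $incoming = psa($vars);
    $import = false;
    $message = '';
    $wrapper = new TXP_Wrapper();
    $incoming = $wrapper->textile_main_fields($incoming, $use_textile);
    // String fields are escaped with doSlash() before they become locals;
    // the SQL below interpolates them inside single quotes.
    // NOTE(review): this extract() runs after $import and $message were set,
    // so a field of the same name in $vars would replace them — confirm the
    // $vars list cannot contain those names.
    extract(doSlash($incoming));
    // Fields interpolated WITHOUT quotes must be integers.
    extract(array_map('assert_int', psa(array('Status', 'textile_body', 'textile_excerpt'))));
    $Annotate = ps('Annotate') ? assert_int(ps('Annotate')) : 0;
    if ($import) {
        // NOTE(review): $product is not defined anywhere in this function.
        $Status = $product['Status'];
    }
    $when = 'now()';
    if ($Title or $Body or $Excerpt) {
        // Users without the publish privilege cannot create a published
        // article; it is stored with status 3 instead.
        if (!has_privs('article.publish') && $Status >= 4) {
            $Status = 3;
        }
        if (empty($url_title)) {
            $url_title = stripSpace($Title_plain, 1);
        }
        if (!$Annotate) {
            $Annotate = 0;
        }
        // custom_5 holds the vendor: a newly named vendor wins over a
        // selected one and is also registered as a category.
        if (isset($new_vendor_name) && !empty($new_vendor_name)) {
            $custom_5 = $new_vendor_name;
            cat_vendor_category_create($custom_5);
        } else {
            if (isset($vendor)) {
                $custom_5 = $vendor;
            }
        }
        // The user name is interpolated into the query as well, so it gets
        // the same escaping as the form fields.
        $user = doSlash($txp_user);
        // NOTE(review): uid is built from rand()/uniqid(), which is
        // predictable; confirm it is only used as an identifier and never as
        // a secret.
        safe_insert("textpattern", "Title           = '{$Title}',\n\t\t\t\tBody            = '{$Body}',\n\t\t\t\tBody_html       = '{$Body_html}',\n\t\t\t\tExcerpt         = '{$Excerpt}',\n\t\t\t\tExcerpt_html    = '{$Excerpt_html}',\n\t\t\t\tImage           = '{$Image}',\n\t\t\t\tKeywords        = '{$Keywords}',\n\t\t\t\tStatus          =  {$Status},\n\t\t\t\tPosted          =  {$when},\n\t\t\t\tLastMod         =  now(),\n\t\t\t\tAuthorID        = '{$user}',\n\t\t\t\tSection         = '{$Section}',\n\t\t\t\tCategory1       = '{$Category1}',\n\t\t\t\tCategory2       = '{$Category2}',\n\t\t\t\ttextile_body    =  {$textile_body},\n\t\t\t\ttextile_excerpt =  {$textile_excerpt},\n\t\t\t\tAnnotate        =  {$Annotate},\n\t\t\t\toverride_form   = '{$override_form}',\n\t\t\t\turl_title       = '{$url_title}',\n\t\t\t\tAnnotateInvite  = '{$AnnotateInvite}',\n\t\t\t\tcustom_1        = '{$custom_1}',\n\t\t\t\tcustom_2        = '{$custom_2}',\n\t\t\t\tcustom_3        = '{$custom_3}',\n\t\t\t\tcustom_4        = '{$custom_4}',\n\t\t\t\tcustom_5        = '{$custom_5}',\n\t\t\t\tcustom_6        = '{$custom_6}',\n\t\t\t\tcustom_7        = '{$custom_7}',\n\t\t\t\tcustom_8        = '{$custom_8}',\n\t\t\t\tcustom_9        = '{$custom_9}',\n\t\t\t\tcustom_10       = '{$custom_10}',\n\t\t\t\tuid\t\t\t\t= '" . md5(uniqid(rand(), true)) . "',\n\t\t\t\tfeed_time\t\t= now()");
        $GLOBALS['ID'] = mysql_insert_id();
        $ID = $GLOBALS['ID'];
        //CUSTOM FIELDS
        // NOTE(review): the raw request value is handed to the helper
        // unescaped; save_custom_fields() is not shown here, so confirm it
        // validates and escapes what it stores.
        save_custom_fields($_REQUEST['custom_fields'], $ID);
        //IMAGE UPLOAD
        //=======================
        // The "type" entry of $_FILES is supplied by the client, so it says
        // nothing about the file's real content. Accept the upload only when
        // PHP received it without error, it is a genuine upload temp file,
        // and its header identifies it as GIF, JPEG or PNG.
        $upload = isset($_FILES['uploadFile']) ? $_FILES['uploadFile'] : null;
        if (is_array($upload)
            && isset($upload['error'], $upload['tmp_name'])
            && $upload['error'] === UPLOAD_ERR_OK
            && is_string($upload['tmp_name'])
            && is_uploaded_file($upload['tmp_name'])
        ) {
            $img = $upload['tmp_name'];
            $imageInfo = getimagesize($img);
            $allowedTypes = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
            // NOTE(review): getimagesize() inspects the header only;
            // upload_image() is not shown here, so confirm it picks the
            // stored file name and extension itself.
            if ($imageInfo !== false && in_array($imageInfo[2], $allowedTypes, true)) {
                upload_image($img, 1, $ID);
            }
        }
        //END IMAGE UPLOAD
        //=======================
        if ($Status >= 4) {
            // Load the article module only when do_pings() is missing, then
            // ping in either case; previously the call sat inside this guard
            // and was skipped whenever the function was already defined.
            if (!function_exists("do_pings")) {
                require_once txpath . '/include/txp_article.php';
            }
            do_pings();
            update_lastmod();
        }
        product_edit("", "", "Product Saved");
    } else {
        product_edit();
    }
}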
Example #3
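/**
 * Processes sent forms and updates existing articles.
 *
 * Reads the submitted fields named in the global $vars, checks the current
 * user's privileges against the stored article, rejects the save when the
 * stored LastMod differs from the value the form carried, validates the
 * posted and expiry dates (falling back to the stored ones on error), and
 * writes the row with safe_update() if article_validate() accepts it.
 * Every exit path re-renders the edit screen through article_edit().
 */
function article_save()
{
    global $txp_user, $vars, $prefs;
    // NOTE(review): extract() overwrites existing locals by default, so every
    // key of $prefs (and of the form data extracted further down) becomes a
    // local variable of this function.
    extract($prefs);
    $incoming = array_map('assert_string', psa($vars));
    // AuthorID is selected from the stored row so that the ownership test
    // below does not depend on a value sent with the form.
    $oldArticle = safe_row("Status, AuthorID, url_title, Title, textile_body, textile_excerpt,\n        UNIX_TIMESTAMP(LastMod) AS sLastMod, LastModID,\n        UNIX_TIMESTAMP(Posted) AS sPosted,\n        UNIX_TIMESTAMP(Expires) AS sExpires", 'textpattern', "ID = " . (int) $incoming['ID']);

    // Authorisation: live and non-live articles have separate privileges,
    // each with an "own article only" variant. Ownership is decided from the
    // database, never from $incoming.
    $wasLive = $oldArticle['Status'] >= STATUS_LIVE;
    $isOwner = $oldArticle['AuthorID'] === $txp_user;
    if ($wasLive) {
        $mayEdit = has_privs('article.edit.published') || ($isOwner && has_privs('article.edit.own.published'));
    } else {
        $mayEdit = has_privs('article.edit') || ($isOwner && has_privs('article.edit.own'));
    }
    if (!$mayEdit) {
        // Not allowed, you silly rabbit, you shouldn't even be here.
        // Show default editing screen.
        article_edit();
        return;
    }

    // Optimistic concurrency check: the form carries the LastMod timestamp it
    // was rendered with; a mismatch means the row changed in the meantime.
    if ($oldArticle['sLastMod'] != $incoming['sLastMod']) {
        article_edit(array(gTxt('concurrent_edit_by', array('{author}' => txpspecialchars($oldArticle['LastModID']))), E_ERROR), true, true);
        return;
    }

    // Without the markup privilege the stored markup settings are kept,
    // whatever the form sent.
    if (!has_privs('article.set_markup')) {
        $incoming['textile_body'] = $oldArticle['textile_body'];
        $incoming['textile_excerpt'] = $oldArticle['textile_excerpt'];
    }
    $incoming = textile_main_fields($incoming);
    // String fields are escaped with doSlash() before they become locals;
    // the SQL below interpolates them inside single quotes.
    extract(doSlash($incoming));
    // Fields interpolated WITHOUT quotes must be integers.
    extract(array_map('assert_int', psa(array('ID', 'Status'))));
    // Comments may be on, off, or disabled.
    $Annotate = (int) $Annotate;

    // Users without the publish privilege cannot raise an article to a live
    // status; it is stored as pending instead.
    if (!has_privs('article.publish') && $Status >= STATUS_LIVE) {
        $Status = STATUS_PENDING;
    }

    // Set and validate article timestamp.
    if ($reset_time) {
        $whenposted = "Posted = NOW()";
        $when_ts = time();
    } else {
        if (!is_numeric($year) || !is_numeric($month) || !is_numeric($day) || !is_numeric($hour) || !is_numeric($minute) || !is_numeric($second)) {
            $ts = false;
        } else {
            $ts = strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second);
        }
        if ($ts === false || $ts < 0) {
            // Invalid date: keep the stored posting time and report it.
            $when = $when_ts = $oldArticle['sPosted'];
            $msg = array(gTxt('invalid_postdate'), E_ERROR);
        } else {
            $when = $when_ts = $ts - tz_offset($ts);
        }
        $whenposted = "Posted = FROM_UNIXTIME({$when})";
    }

    // Set and validate expiry timestamp.
    if (empty($exp_year)) {
        $expires = 0;
    } else {
        // Missing expiry components default to the start of the period.
        if (empty($exp_month)) {
            $exp_month = 1;
        }
        if (empty($exp_day)) {
            $exp_day = 1;
        }
        if (empty($exp_hour)) {
            $exp_hour = 0;
        }
        if (empty($exp_minute)) {
            $exp_minute = 0;
        }
        if (empty($exp_second)) {
            $exp_second = 0;
        }
        $ts = strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second);
        if ($ts === false || $ts < 0) {
            // Invalid date: keep the stored expiry and report it.
            $expires = $oldArticle['sExpires'];
            $msg = array(gTxt('invalid_expirydate'), E_ERROR);
        } else {
            $expires = $ts - tz_offset($ts);
        }
    }

    // An expiry at or before the posting time is replaced by the stored one.
    if ($expires && $expires <= $when_ts) {
        $expires = $oldArticle['sExpires'];
        $msg = array(gTxt('article_expires_before_postdate'), E_ERROR);
    }
    if ($expires) {
        $whenexpires = "Expires = FROM_UNIXTIME({$expires})";
    } else {
        $whenexpires = "Expires = " . NULLDATETIME;
    }

    // Auto-update custom-titles according to Title, as long as unpublished and
    // NOT customised.
    if (empty($url_title) || $oldArticle['Status'] < STATUS_LIVE && $oldArticle['url_title'] === $url_title && $oldArticle['url_title'] === stripSpace($oldArticle['Title'], 1) && $oldArticle['Title'] !== $Title) {
        $url_title = stripSpace($Title_plain, 1);
    }

    // Collapse runs of spaces, turn newlines/tabs/commas into single commas,
    // trim the ends, then escape for the query.
    $Keywords = doSlash(trim(preg_replace('/( ?[\\r\\n\\t,])+ ?/s', ',', preg_replace('/ +/', ' ', ps('Keywords'))), ', '));
    $user = doSlash($txp_user);
    // NOTE(review): if 'description' is one of $vars it was already escaped
    // by the extract(doSlash(...)) above, making this a second pass — confirm
    // against the $vars list.
    $description = doSlash($description);

    // Build the "custom_N = '...'" assignments. The values are read through
    // variable-variables, i.e. the locals created by the extract() above.
    // NOTE(review): this relies on every custom_N being part of $vars so that
    // it has been through doSlash() — confirm.
    $cfq = array();
    $cfs = getCustomFields();
    foreach ($cfs as $i => $cf_name) {
        $custom_x = "custom_{$i}";
        $cfq[] = "custom_{$i} = '" . ${$custom_x} . "'";
    }
    $cfq = join(', ', $cfq);
    $rs = compact($vars);

    if (article_validate($rs, $msg)) {
        // Every value below is either doSlash()-escaped and quoted, or an
        // integer/timestamp expression built above.
        if (safe_update('textpattern', "Title           = '{$Title}',\n            Body            = '{$Body}',\n            Body_html       = '{$Body_html}',\n            Excerpt         = '{$Excerpt}',\n            Excerpt_html    = '{$Excerpt_html}',\n            Keywords        = '{$Keywords}',\n            description     = '{$description}',\n            Image           = '{$Image}',\n            Status          =  {$Status},\n            LastMod         =  NOW(),\n            LastModID       = '{$user}',\n            Section         = '{$Section}',\n            Category1       = '{$Category1}',\n            Category2       = '{$Category2}',\n            Annotate        =  {$Annotate},\n            textile_body    = '{$textile_body}',\n            textile_excerpt = '{$textile_excerpt}',\n            override_form   = '{$override_form}',\n            url_title       = '{$url_title}',\n            AnnotateInvite  = '{$AnnotateInvite}'," . ($cfs ? $cfq . ',' : '') . "{$whenposted},\n            {$whenexpires}", "ID = {$ID}")) {
            // Pings are sent only on the transition to a live status.
            if ($Status >= STATUS_LIVE && $oldArticle['Status'] < STATUS_LIVE) {
                do_pings();
            }
            if ($Status >= STATUS_LIVE || $oldArticle['Status'] >= STATUS_LIVE) {
                update_lastmod('article_saved', $rs);
            }
            now('posted', true);
            now('expires', true);
            callback_event('article_saved', '', false, $rs);
            // A date-validation message set earlier takes precedence over the
            // status message.
            if (empty($msg)) {
                $s = check_url_title($url_title);
                $msg = array(get_status_message($Status) . ' ' . $s, $s ? E_WARNING : 0);
            }
        } else {
            $msg = array(gTxt('article_save_failed'), E_ERROR);
        }
    }
    article_edit($msg, false, true);
}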
Example #4
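/**
 * Saves an edited article submitted from the article form.
 *
 * Reads the submitted fields named in the global $vars, checks the current
 * user's privileges against the stored article, and writes the row with
 * safe_update(). Every exit path re-renders the edit screen through
 * article_edit().
 *
 * NOTE(review): this variant has no check for a concurrent edit and no
 * validation of the posted date.
 */
function article_save()
{
    global $txp_user, $vars, $txpcfg, $prefs;
    // NOTE(review): extract() overwrites existing locals by default, so every
    // key of $prefs (and of the form data extracted further down) becomes a
    // local variable of this function.
    extract($prefs);
    $incoming = psa($vars);
    // AuthorID is selected from the stored row so that the ownership test
    // below does not depend on a value sent with the form.
    $oldArticle = safe_row('Status, AuthorID, url_title, Title', 'textpattern', 'ID = ' . (int) $incoming['ID']);

    // Authorisation: published articles (Status >= 4) and unpublished ones
    // have separate privileges, each with an "own article only" variant.
    // Ownership is decided from the database, never from $incoming.
    $wasPublished = $oldArticle['Status'] >= 4;
    $isOwner = $oldArticle['AuthorID'] == $txp_user;
    if ($wasPublished) {
        $mayEdit = has_privs('article.edit.published') || ($isOwner && has_privs('article.edit.own.published'));
    } else {
        $mayEdit = has_privs('article.edit') || ($isOwner && has_privs('article.edit.own'));
    }
    if (!$mayEdit) {
        // Not allowed, you silly rabbit, you shouldn't even be here.
        // Show default editing screen.
        article_edit();
        return;
    }

    $incoming = textile_main_fields($incoming, $use_textile);
    // String fields are escaped with doSlash() before they become locals;
    // the SQL below interpolates them inside single quotes.
    extract(doSlash($incoming));
    // Fields interpolated WITHOUT quotes must be integers.
    extract(array_map('assert_int', psa(array('ID', 'Status', 'textile_body', 'textile_excerpt'))));
    $Annotate = ps('Annotate') ? assert_int(ps('Annotate')) : 0;

    // Users without the publish privilege cannot raise an article to a
    // published status; it is stored with status 3 instead.
    if (!has_privs('article.publish') && $Status >= 4) {
        $Status = 3;
    }

    if ($reset_time) {
        $whenposted = "Posted=now()";
    } else {
        // NOTE(review): strtotime() returns false for an unparsable date and
        // that case is not handled here; the value stays numeric either way.
        $when = strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second) - tz_offset();
        $when = "from_unixtime({$when})";
        $whenposted = "Posted={$when}";
    }

    //Auto-Update custom-titles according to Title, as long as unpublished and NOT customized
    if (empty($url_title) || $oldArticle['Status'] < 4 && $oldArticle['url_title'] == $url_title && $oldArticle['url_title'] == stripSpace($oldArticle['Title'], 1) && $oldArticle['Title'] != $Title) {
        $url_title = stripSpace($Title_plain, 1);
    }
    if (!$Annotate) {
        $Annotate = 0;
    }

    // The user name is interpolated into the query as well, so it gets the
    // same escaping as the form fields.
    $user = doSlash($txp_user);

    // Every value below is either doSlash()-escaped and quoted, or an
    // integer/timestamp expression built above.
    safe_update("textpattern", "Title           = '{$Title}',\n\t\t\tBody            = '{$Body}',\n\t\t\tBody_html       = '{$Body_html}',\n\t\t\tExcerpt         = '{$Excerpt}',\n\t\t\tExcerpt_html    = '{$Excerpt_html}',\n\t\t\tKeywords        = '{$Keywords}',\n\t\t\tImage           = '{$Image}',\n\t\t\tStatus          =  {$Status},\n\t\t\tLastMod         =  now(),\n\t\t\tLastModID       = '{$user}',\n\t\t\tSection         = '{$Section}',\n\t\t\tCategory1       = '{$Category1}',\n\t\t\tCategory2       = '{$Category2}',\n\t\t\tAnnotate        =  {$Annotate},\n\t\t\ttextile_body    =  {$textile_body},\n\t\t\ttextile_excerpt =  {$textile_excerpt},\n\t\t\toverride_form   = '{$override_form}',\n\t\t\turl_title       = '{$url_title}',\n\t\t\tAnnotateInvite  = '{$AnnotateInvite}',\n\t\t\tcustom_1        = '{$custom_1}',\n\t\t\tcustom_2        = '{$custom_2}',\n\t\t\tcustom_3        = '{$custom_3}',\n\t\t\tcustom_4        = '{$custom_4}',\n\t\t\tcustom_5        = '{$custom_5}',\n\t\t\tcustom_6        = '{$custom_6}',\n\t\t\tcustom_7        = '{$custom_7}',\n\t\t\tcustom_8        = '{$custom_8}',\n\t\t\tcustom_9        = '{$custom_9}',\n\t\t\tcustom_10       = '{$custom_10}',\n\t\t\t{$whenposted}", "ID = {$ID}");

    if ($Status >= 4) {
        // Pings are sent only on the transition to a published status.
        if ($oldArticle['Status'] < 4) {
            do_pings();
        }
        update_lastmod();
    }
    article_edit(get_status_message($Status) . check_url_title($url_title));
}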