$page_header = show_page_header($left_text, $right_text);
$main_content = $page_header;
// if an action parameter is set in the array then the article has been posted
if (isset($article_data['action'])) {
// default base text
$main_content .= '
<h2>Your article has been ' . $article_data['action'] . '</h2>
<p><strong>Title:</strong> ' . stripslashes($article_data['title']) . '</p>';
$main_content .= '
<p>
<a href="' . $_SERVER["PHP_SELF"] . '?page_name=write&article_id=' . $article_data['id'] . '">Edit your article</a>
</p>';
if ($status_text == 'postdated') {
// postdated article
$main_content .= '
<p>This article is postdated and will be available on the site from ' . from_mysql_date($article_data['date_uploaded'], 'd m Y \\a\\t H:i') . '</p>';
} elseif ($article_data['status'] == 'P' || $article_data['status'] == 'A') {
// published or archived (i.e. still visible from main site
if ($config['layout']['url_style'] == 'blog') {
$article_url = WW_REAL_WEB_ROOT . '/' . date('Y/m/d', strtotime($article_data['date_uploaded'])) . '/' . $row['url'] . '/';
} else {
// get category url
$conn = author_connect();
$query = "SELECT url FROM categories WHERE id = " . (int) $article_data['category_id'];
$result = $conn->query($query);
$row = $result->fetch_assoc();
$article_url = WW_REAL_WEB_ROOT . '/' . $row['url'] . '/' . $article_data['url'] . '/';
}
$action_text = $article_data['action'] == 'updated' ? 'Updated' : 'New';
$main_content .= '
<p>
function get_url($url, $cache_hard = true)
{
global $http_cache_timeout;
global $api_calls;
global $cached_api_calls;
# Check whether we have a cached response for this URL
# Note there are two cache timestamps: fetched_on_server is tied to the
# server (mothership)'s clock and fetched_on is tied to the local clock.
# We are careful to compare the local now() against fetched_on and the
# server's "Date:" header values against fetched_on_server.
if (!$http_cache_timeout) {
throw new Exception("\$http_cache_timeout not set");
}
# Expire old cache entries.
mysql_query('delete from http_cache where fetched_on < now() - ' . $http_cache_timeout);
# Load a valid cache element, if any.
$sql = 'select content, fetched_on_server from http_cache where url = \'' . mysql_real_escape_string($url) . '\' and fetched_on >= now() - ' . $http_cache_timeout;
$q = mysql_query($sql);
if (!$q) {
throw new Exception("Getting cache, got database error: " . mysql_error());
}
require_once 'HTTP/Request.php';
if ($row = mysql_fetch_row($q)) {
list($content, $fetched_on) = $row;
# Under "hard" caching, return the cached data without talking to server.
if ($cache_hard) {
message("Hard cache hit at {$url}");
return $content;
}
# Under "soft" caching, we make a request to ask the server if the resource
# has changed since our copy.
$fetched_on_http_date = date(DATE_RFC1123, from_mysql_date($fetched_on));
$req = new HTTP_Request($url);
$req->addHeader('If-Modified-Since', $fetched_on_http_date);
$request_timer -= microtime(true);
$ok = $req->sendRequest();
$request_timer += microtime(true);
$cached_api_calls = $cached_api_calls + 1;
if (!PEAR::isError($ok)) {
$respCode = $req->getResponseCode();
if (304 == $respCode) {
# 304 Not Modified; we can use the cached copy.
message('Cache hit at ' . $url . ' using If-Modified-Since: ' . $fetched_on_http_date . "Request timer: {$request_timer}" . 's');
return $content;
} elseif (200 <= $respCode && $respCode < 300) {
# Got an OK response, use the data.
message('Cache refresh at ' . $url . ' If-Modified-Since: ' . $fetched_on_http_date . '. Request timer: ' . $request_timer . 's');
$content = $req->getResponseBody();
$fetched_on_server = mysql_date(from_http_date($req->getResponseHeader('Date')));
mysql_query('delete from http_cache where url = \'' . mysql_real_escape_string($url) . '\'');
if (!insert_into('http_cache', array('url' => $url, 'content' => $content, 'fetched_on_server' => $fetched_on_server))) {
throw new Exception("Database error writing to HTTP cache: " . mysql_error());
}
return $content;
}
} else {
throw new Exception("Error while GETing {$url} ({$ok})");
}
} else {
$req = new HTTP_Request($url);
$request_timer -= microtime(true);
$ok = $req->sendRequest();
$request_timer += microtime(true);
$api_calls = $api_calls + 1;
message("Cache miss at {$url} Request timer: " . $request_timer . "s");
if (PEAR::isError($ok)) {
throw new Exception("Unknown error trying GET {$url}");
}
$respCode = $req->getResponseCode();
if (200 <= $respCode && $respCode < 300) {
# Got an OK response, use it.
$content = $req->getResponseBody();
$fetched_on_server = mysql_date(from_http_date($req->getResponseHeader('Date')));
mysql_query('delete from http_cache where url = \'' . mysql_real_escape_string($url) . '\'');
if (!insert_into('http_cache', array('url' => $url, 'content' => $content, 'fetched_on_server' => $fetched_on_server))) {
throw new Exception("Database error writing to HTTP cache: " . mysql_error());
}
return $content;
} else {
error("GET {$url} returned {$respCode}");
return null;
}
}
}
</div>';
}
if (!empty($user_comment_stats)) {
$aside_content .= build_snippet('Your comments statistics', $user_comment_stats);
}
if (!empty($user_new_comments)) {
$c_text = count($user_new_comments) > 1 ? ' new comments</a> have ' : ' new comment</a> has ';
$aside_content .= '
<div class="snippet">
<p><a href="' . $_SERVER["PHP_SELF"] . '?page_name=comments">' . count($user_new_comments) . $c_text . 'been posted to your articles since your last login.</div>';
}
// sitewide stats
if (!empty($all_article_stats)) {
$aside_content .= '<h4>All articles</h4>' . build_snippet('Sitewide article statistics', $all_article_stats) . '
<div class="snippet">
<p>The last article was published on:</p>
<p class="indent"><em>' . from_mysql_date($last_site_post, 'l, j F Y') . '</em></p>
<p>Total published:</p>
<p class="indent"><strong><em>' . $total_site_post . ' articles</strong> since
' . from_mysql_date($first_site_post, 'j M Y') . '</em></p>
</div>';
}
if (!empty($all_comment_stats)) {
$aside_content .= build_snippet('Sitewide comment statistics', $all_comment_stats);
}
if (!empty($all_new_comments)) {
$c_text = count($all_new_comments) > 1 ? ' new comments</a> have ' : ' new comment</a> has ';
$aside_content .= '
<div class="snippet">
<p><a href="' . $_SERVER["PHP_SELF"] . '?page_name=comments&new">' . count($all_new_comments) . $c_text . 'been posted to the site since your last login.</div>';
}
<p><strong>' . $error . '</strong></p>';
}
if (!file_exists(WW_ROOT . '/ww_files/attachments/' . $attachment['ext'] . '/' . $attachment['filename'])) {
$main_content .= '
<p><strong>File missing!</strong> This attachment cannot be found in the attachments/' . $attachment['ext'] . ' folder - it will either need to be replaced or deleted from the database</p>';
}
// main attachment details
$mime_edit = !empty($attachment['mime']) ? ' readonly="readonly"' : '';
$ext_edit = !empty($attachment['ext']) ? ' readonly="readonly"' : '';
$summary = isset($attachment['summary']) ? $attachment['summary'] : '';
$downloads = isset($attachment['downloads']) ? $attachment['downloads'] : 0;
$main_content .= '
<hr />
<h4>file details</h4>
<p>This file was uploaded by ' . $attachment['author_name'] . ' on ' . from_mysql_date($attachment['date_uploaded']) . ' |
<a href="' . $attachment['src'] . '">download</a></p>
<form id="attachment_details" method="post" action="' . $url . '">
<p>
<label for="title">Title</label>
<input type="text" name="title" value="' . $attachment['title'] . '"/>
</p>
<p>
<label for="summary">Description</label>
<textarea name="summary">' . $summary . '</textarea>
</p>
<p>
<label for="filename">Filename</label>
<input type="text" name="filename" value="' . $attachment['filename'] . '" readonly="readonly"/>
</p>
<p>
/**
* build_file_listing
*
*
*
*
*
*
*/
function build_file_listing($files)
{
if (empty($files)) {
$html = '<p>No files found</p>';
return false;
}
$html = '<ul class="file_listing">';
foreach ($files as $file) {
if (!is_array($file)) {
continue;
}
// determine type of listing
if ($_GET['page_name'] == 'attachments') {
// check file exists
$file_check = WW_ROOT . '/ww_files/attachments/' . $file['ext'] . '/' . $file['filename'];
$class = !file_exists($file_check) ? ' class="notfound"' : '';
// output
$html .= '
<li' . $class . '>
<div class="file_name">
<a href="' . $_SERVER["PHP_SELF"] . '?page_name=attachments&attachment_id=' . $file['id'] . '">
' . $file['title'] . '</a>
</div>
<div class="file_title">
' . $file['filename'] . '
</div>
<div class="file_type">
<a href="' . $_SERVER["PHP_SELF"] . '?page_name=attachments&ext=' . $file['ext'] . '">
' . $file['ext'] . '</a> : ' . $file['mime'] . '
</div>
<div class="file_size">
size: ' . get_kb_size($file['size']) . 'kb
</div>
<div class="file_downloads">
downloads: ' . $file['downloads'] . '
</div>
<div class="file_date">
uploaded: ' . from_mysql_date($file['date_uploaded']) . '
</div>
<div class="file_author">
by ' . $file['author_name'] . '
</div>
<div class="file_delete">
<a href="' . $_SERVER["PHP_SELF"] . '?page_name=attachments&action=delete&attachment_id=' . $file['id'] . '">
delete</a>
</div>
</li>';
} else {
$html .= '
<li>
<div class="file_name">
<a href="' . $file['link'] . '">
' . $file['filename'] . '</a>
</div>
<div class="file_title">
folder: <a href="' . $_SERVER["PHP_SELF"] . '?page_name=files&folder=' . $_GET['folder'] . '">
' . $_GET['folder'] . '</a>
</div>
<div class="file_size">
size: ' . get_kb_size($file['size']) . 'kb
</div>
<div class="file_date">
uploaded: ' . date('d F Y', $file['date_uploaded']) . '
</div>
<div class="file_author">
type: ' . $file['ext'] . '
</div>
<div class="file_delete">
<a href="' . $_SERVER["PHP_SELF"] . '?page_name=files&action=delete&folder=' . $_GET['folder'] . '&filename=' . $file['filename'] . '">
delete</a>
</div>
</li>';
}
}
$html .= '</ul>';
return $html;
}
}
// output image details form
$main_content .= '
<hr />
<h4>image details</h4>';
if (file_exists(WW_ROOT . '/ww_files/images/thumbs/' . $image['filename'])) {
$main_content .= '
<a href="#full_image">
<img style="float: right; margin-bottom: 12px;"
alt="' . $image['alt'] . '"
title="' . $image['title'] . '"
src="' . $image['thumb_src'] . '"/>
</a>';
}
$main_content .= '
<p>This image was uploaded by ' . $image['author_name'] . ' on ' . from_mysql_date($image['date_uploaded']) . '</p>
<p>Form items with dotted borders are non-editable</p>
<form id="image_details" method="post" action="' . $action_url . '">
<p>
<label for="title">Title</label>
<input type="text" name="title" id="title" value="' . $image['title'] . '"/>
</p>
<p>
<label for="filename">Filename</label>
<input type="text" name="filename" id="filename" value="' . $image['filename'] . '" readonly="readonly"/>
</p>
<p>
<label for="alt">Alt text</label>
<input type="text" name="alt" id="alt" value="' . $image['alt'] . '"/>
</p>
/**
* get_article_attachments
*
*
*
*
*
*
*/
function insert_comment($form_data)
{
if (empty($form_data)) {
return false;
}
$conn = reader_connect();
$query = "\tINSERT INTO comments\n\t\t\t\t\t\t(reply_id, author_id, article_id, \n\t\t\t\t\t\ttitle, body, date_uploaded,\n\t\t\t\t\t\tposter_name, poster_link, poster_email, poster_IP,\n\t\t\t\t\t\tapproved)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t(?,?,?,?,?,?,?,?,?,?,?)";
$stmt = $conn->prepare($query);
if ($stmt === false) {
die('stmt: ' . $mysqli->error);
}
$bind = $stmt->bind_param('iiisssssssi', $form_data['reply_id'], $form_data['author_id'], $form_data['article_id'], $form_data['title'], $form_data['body'], $form_data['date_uploaded'], $form_data['poster_name'], $form_data['poster_link'], $form_data['poster_email'], $form_data['poster_IP'], $form_data['approved']);
if ($bind === false) {
die('bind: ' . $stmt->error);
}
$ex = $stmt->execute();
if ($ex === false) {
die('execute: ' . $stmt->error);
}
$new_id = $stmt->insert_id;
$stmt->close();
// return error or update comment count for article
if (empty($new_id)) {
echo "no id returned";
return false;
} else {
unset($_POST);
// set a session to deter bulk posting
$_SESSION['comment_posted'] = time() + 30;
// email author
if (empty($form_data['approved'])) {
$config = get_settings();
// get details
$edit_link = WW_WEB_ROOT . '/ww_edit/index.php?page_name=comments&comment_id=' . $new_id;
// compose mail
require WW_ROOT . '/ww_edit/_snippets/class.phpmailer-lite.php';
$mail = new PHPMailerLite();
$mail->AddAddress($form_data['author_email'], $form_data['author_name']);
$mail->SetFrom($config['admin']['email'], $config['site']['title']);
$mail->Subject = 'A new comment needs approval';
// html body
$html_body = '<p>The following comment has been posted to your article: <strong>' . $form_data['article_title'] . '</strong></p>';
if (!empty($form_data['title'])) {
$html_body .= '<blockquote><em>' . $form_data['title'] . '</em><blockquote>';
}
$html_body .= '
<blockquote>' . $form_data['body'] . '</blockquote>
<p>Submitted by: <em>' . $form_data['poster_name'] . '</em> on <em>' . from_mysql_date($form_data['date_uploaded']) . '</em></p>
<p><strong><a href="' . $edit_link . '">click here to approve or delete this comment</a></strong></p>';
// text body
$mail->AltBody = 'The following comment has been posted to your article: ' . $form_data['article_title'] . "\n\n";
if (!empty($form_data['title'])) {
$mail->AltBody .= $form_data['title'] . "\n\n";
}
$mail->AltBody .= $form_data['body'] . "\n\n";
$mail->AltBody .= 'Submitted by: ' . $form_data['poster_name'] . ' on ' . from_mysql_date($form_data['date_uploaded']) . "\n\n";
$mail->AltBody .= 'To approve or delete this comment visit this link: ' . $edit_link;
$mail->MsgHTML($html_body);
$mail->Send();
}
$reload = current_url();
header('Location: ' . $reload);
return true;
}
}
$total_articles = '';
}
// use the inbuilt function to generate the page header
echo show_page_header($header_text, $total_articles);
// add our own h1 tag
echo '<h1>Custom listing page</h1>';
// add page navigation at the top of the page as well as the bottom
if ($total > $config['layout']['per_page']) {
echo show_listing_nav($articles[0]['total_pages'], $config['layout']['per_page']);
}
// create our own listing
if (empty($articles)) {
echo '<h2>No results...</h2>';
} else {
echo '
<div id="listing_wrapper">';
foreach ($articles as $list) {
echo '
<div class="listing">
<h2>' . $list['title'] . '</h2>
<p><strong>Extract:</strong> ' . $list['summary'] . '</p>
<p class="footer">written by ' . $list['author_name'] . ' on ' . from_mysql_date($list['date_uploaded']) . ' | <a href="' . $list['link'] . '">read more ...</a></p>
</div>';
}
echo '
</div>';
}
// show nav at the bottom of the page as well
if ($total > $config['layout']['per_page']) {
echo show_listing_nav($articles[0]['total_pages'], $config['layout']['per_page']);
}
