Example #1
 /**
  * Stores a visitor comment on an item (unless the IP is banned) and
  * redirects on success.
  *
  * Reads itemid, user, userid, email, body and remember from the POST data.
  * When 'remember' is 1, the submitted user, userid and email are written to
  * three cookies that expire after 2592000 seconds (30 days). The ban check
  * for the item's blog runs after the cookies are set and before the comment
  * is stored.
  *
  * NOTE(review): on success the redirect target is the POSTed 'url' field.
  * Unless redirect() restricts destinations (not visible here), a crafted
  * form can send the visitor to an arbitrary site after commenting; compare
  * the value against the site's own base URL before using it.
  *
  * NOTE(review): the cookies are written with the secure argument set to 0
  * and no HttpOnly argument; confirm this matches the site's cookie policy.
  *
  * @return array|void on failure an array with 'message' and 'skinid';
  *                    on success the request is redirected and the script exits
  */
 function addComment()
 {
     global $CONF, $errormessage, $manager;

     // Collect the submitted fields in the order COMMENTS::addComment receives them.
     $post = array(
         'itemid' => intPostVar('itemid'),
         'user' => postVar('user'),
         'userid' => postVar('userid'),
         'email' => postVar('email'),
         'body' => postVar('body'),
         'remember' => intPostVar('remember'),
     );

     // "Remember Me" box checked: persist the commenter's details client-side.
     if ($post['remember'] == 1) {
         $expires = time() + 2592000;
         $cookieFields = array(
             'comment_user' => 'user',
             'comment_userid' => 'userid',
             'comment_email' => 'email',
         );
         foreach ($cookieFields as $cookieName => $field) {
             setcookie($CONF['CookiePrefix'] . $cookieName, $post[$field], $expires, '/', '', 0);
         }
     }

     $itemid = $post['itemid'];
     $comments = new COMMENTS($itemid);
     $blogid = getBlogIDFromItemID($itemid);
     $this->checkban($blogid);
     $blog =& $manager->getBlog($blogid);

     // Per the original author's note, PreAddComment and PostAddComment are
     // called somewhere inside COMMENTS::addComment.
     $errormessage = $comments->addComment($blog->getCorrectTime(), $post);

     // Anything other than '1' is treated as an error message for the caller.
     if ($errormessage != '1') {
         return array('message' => $errormessage, 'skinid' => $blog->getDefaultSkin());
     }

     // Success: go to the POSTed url when one is given, else to the item page.
     $target = postVar('url') ? postVar('url') : createItemLink($post['itemid']);
     redirect($target);
     exit;
 }
Example #2
/**
 * Hands the POSTed 'id' to the form builder that matches $type.
 *
 * The id is read with intPostVar() before $type is inspected. 'group' goes
 * to _linklist_makeGroupForm(), 'link' to _linklist_makeLinkForm(); any other
 * value results in no call at all.
 *
 * NOTE(review): no access check happens in this function; presumably the
 * caller has already authorised the request - confirm.
 *
 * @param string $type 'group' or 'link'
 * @return void
 */
function _linklist_makeDetail($type)
{
    $entryId = intPostVar('id');

    // Loose comparison on purpose: it mirrors what a switch statement does.
    if ($type == 'group') {
        _linklist_makeGroupForm($entryId);
    } elseif ($type == 'link') {
        _linklist_makeLinkForm($entryId);
    }
}
Example #3
 /**
  * Admin action: deletes the plugin identified by the POSTed 'plugid' and
  * then redirects to the plugin list.
  *
  * Non-admin members are handed to disallow(). A non-empty result from
  * deleteOnePlugin() is passed to error().
  *
  * NOTE(review): the code after disallow() and error() only stays
  * unreachable if those methods end the request; neither is visible here,
  * so confirm they do not return.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method.
  * Confirm that the action dispatcher enforces one before this destructive
  * operation runs.
  *
  * @return void
  */
 function action_plugindeleteconfirm()
 {
     global $member, $manager, $CONF;

     // Only administrators may remove plugins.
     if (!$member->isAdmin()) {
         $this->disallow();
     }

     $pluginId = intPostVar('plugid');
     $failure = $this->deleteOnePlugin($pluginId, 1);
     if ($failure) {
         $this->error($failure);
     }

     redirect($CONF['AdminURL'] . '?action=pluginlist');
 }
Example #4
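 /**
  * Tries to create or refresh a draft from the data in the current request
  * (comes from the bookmarklet or the admin area; used by the xmlHTTPRequest
  * AutoDraft feature).
  *
  * Authorisation is checked against the values that are actually written:
  *  - the category the draft ends up in (including the default category
  *    that replaces a 'newcat' placeholder), and
  *  - the existing item named by 'draftid' before it is overwritten.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; confirm
  * that the caller enforces one.
  *
  * @static
  *
  * @return array 'status' => 'added' together with 'draftid', or
  *               'status' => 'error' together with 'message'
  */
 function createDraftFromRequest()
 {
     global $member, $manager;
     $i_author = $member->getID();
     $i_body = postVar('body');
     $i_title = postVar('title');
     $i_more = postVar('more');
     // The request text is treated as UTF-8; convert it when the site uses another charset.
     if (strtoupper(_CHARSET) != 'UTF-8') {
         $i_body = mb_convert_encoding($i_body, _CHARSET, "UTF-8");
         $i_title = mb_convert_encoding($i_title, _CHARSET, "UTF-8");
         $i_more = mb_convert_encoding($i_more, _CHARSET, "UTF-8");
     }
     $i_closed = intPostVar('closed');
     $i_catid = postVar('catid');
     $i_draft = 1;
     $type = postVar('type');
     if ($type == 'edit') {
         $i_blogid = getBlogIDFromItemID(intPostVar('itemid'));
     } else {
         $i_blogid = intPostVar('blogid');
     }
     $i_draftid = intPostVar('draftid');
     if (!$member->canAddItem($i_catid)) {
         return array('status' => 'error', 'message' => _ERROR_DISALLOWED);
     }
     if (!trim($i_body)) {
         return array('status' => 'error', 'message' => _ERROR_NOEMPTYITEMS);
     }
     // create new category if needed
     if (strstr($i_catid, 'newcat')) {
         // Set in default category
         $blog =& $manager->getBlog($i_blogid);
         $i_catid = $blog->getDefaultCategory();
         // The check above saw the 'newcat' placeholder, while the blog used
         // here comes from the separate blogid/itemid fields. Re-check against
         // the category the draft is really stored in so the two cannot disagree.
         if (!$member->canAddItem($i_catid)) {
             return array('status' => 'error', 'message' => _ERROR_DISALLOWED);
         }
     } else {
         // force blogid (must be same as category id)
         $i_blogid = getBlogIDFromCatID($i_catid);
         $blog =& $manager->getBlog($i_blogid);
     }
     $posttime = 0;
     if ($i_draftid > 0) {
         // draftid is request-supplied and names an existing item that is about
         // to be overwritten; being allowed to add items to a category does not
         // imply being allowed to change that item.
         if (!$member->canUpdateItem($i_draftid, $i_catid)) {
             return array('status' => 'error', 'message' => _ERROR_DISALLOWED);
         }
         ITEM::update($i_draftid, $i_catid, $i_title, $i_body, $i_more, $i_closed, 1, 0, 0);
         $itemid = $i_draftid;
     } else {
         $itemid = $blog->additem($i_catid, $i_title, $i_body, $i_more, $i_blogid, $i_author, $posttime, $i_closed, $i_draft);
     }
     // No plugin support in AutoSaveDraft yet (item options are not applied here)
     // success
     return array('status' => 'added', 'draftid' => $itemid);
 }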
Example #5
        break;
    case 24:
        // Partial address: the pattern removes one trailing ".<digits>" group,
        // i.e. the last octet of a dotted IPv4 address. An address that does not
        // end in ".<digits>" is stored unchanged.
        $CONF['secureCookieKeyIP'] = preg_replace('/\\.[0-9]+$/', '', serverVar('REMOTE_ADDR'));
        break;
    case 32:
        // Full client address as reported in REMOTE_ADDR.
        $CONF['secureCookieKeyIP'] = serverVar('REMOTE_ADDR');
        break;
    default:
        // No address component is mixed into the cookie key.
        $CONF['secureCookieKeyIP'] = '';
}
// login/logout when required or renew cookies
if ($action == 'login') {
    // Form Authentication
    $login = postVar('login');
    $pw = postVar('password');
    // $shared: shared computer or not (passed to setCookies() below)
    $shared = intPostVar('shared');
    // Only the first 40 bytes of the submitted password are used; anything
    // beyond that is ignored for authentication. (Original note on this line:
    // "avoid md5 collision by using a long key".)
    // NOTE(review): silent truncation means longer passwords add no strength -
    // confirm the password-change path applies the same limit and document it.
    $pw = substr($pw, 0, 40);
    if ($member->login($login, $pw)) {
        // A new cookie key is issued on every successful login, before cookies are sent.
        $member->newCookieKey();
        $member->setCookies($shared);
        if ($CONF['secureCookieKey'] !== 'none') {
            // secure cookie key: the key written back to the member record is
            // md5(cookie key . address part chosen above).
            // NOTE(review): the strength of this binding rests on how
            // newCookieKey() generates the key (not visible here) - confirm it
            // uses a cryptographically secure random source.
            $member->setCookieKey(md5($member->getCookieKey() . $CONF['secureCookieKeyIP']));
            $member->write();
        }
        // allows direct access to parts of the admin area after logging in
        // NOTE(review): the origin of $nextaction is not visible here; if it is
        // request-supplied, confirm it is checked against the allowed actions.
        if ($nextaction) {
            $action = $nextaction;
        }
Example #6
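/**
 * Bookmarklet handler: applies an edit to an existing item.
 *
 * Flow: check that the member may update the item, read the submitted fields,
 * hand 'delete' over to the admin area (which has its own confirmation),
 * create a new category when catid is a 'newcat-<blogid>' placeholder, update
 * the item, remove the auto-saved draft named by 'draftid', and show a
 * success message.
 *
 * The draft id is request-supplied, so it gets its own permission check
 * before anything is written; the check on 'itemid' says nothing about the
 * item that 'draftid' points at.
 *
 * NOTE(review): the code after each bm_doError() call is only safe if
 * bm_doError() ends the request (not visible here) - confirm.
 *
 * NOTE(review): itemid is read with intRequestVar() while every other field
 * uses the POST helpers, and no anti-CSRF token check is visible in this
 * function; confirm that the caller enforces one.
 *
 * @return void
 */
function bm_doEditItem()
{
    global $member, $manager, $CONF;
    $itemid = intRequestVar('itemid');
    $catid = postVar('catid');
    // only allow if user is allowed to alter item
    if (!$member->canUpdateItem($itemid, $catid)) {
        bm_doError(_ERROR_DISALLOWED);
    }
    $body = postVar('body');
    $title = postVar('title');
    $more = postVar('more');
    $closed = intPostVar('closed');
    $actiontype = postVar('actiontype');
    $draftid = intPostVar('draftid');
    // redirect to admin area on delete (has delete confirmation)
    if ($actiontype == 'delete') {
        redirect('index.php?action=itemdelete&itemid=' . $itemid);
        exit;
    }
    // The draft is deleted further down; require the same permission for it as
    // for the item being edited, and do so before any data is changed.
    if ($draftid > 0 && !$member->canUpdateItem($draftid, $catid)) {
        bm_doError(_ERROR_DISALLOWED);
    }
    // create new category if needed (only on edit/changedate)
    if (strstr($catid, 'newcat')) {
        // get blogid
        list($blogid) = sscanf($catid, "newcat-%d");
        // create
        $blog =& $manager->getBlog($blogid);
        $catid = $blog->createNewCategory();
        // show error when sth goes wrong
        if (!$catid) {
            bm_doError(_BOOKMARKLET_ERROR_COULDNTNEWCAT);
        }
    }
    // only edit action is allowed for bookmarklet edit
    switch ($actiontype) {
        case 'changedate':
            $publish = 1;
            $wasdraft = 0;
            $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
            break;
        case 'edit':
            $publish = 1;
            $wasdraft = 0;
            $timestamp = 0;
            break;
        case 'backtodrafts':
            $publish = 0;
            $wasdraft = 0;
            $timestamp = 0;
            break;
        default:
            bm_doError(_BOOKMARKLET_ERROR_SOMETHINGWRONG);
    }
    // update item for real
    ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
    if ($draftid > 0) {
        ITEM::delete($draftid);
    }
    // show success message; the category differs from the submitted one only
    // when a new category was created above, in which case $blog is set
    if ($catid != intPostVar('catid')) {
        $href = 'index.php?action=categoryedit&blogid=' . $blog->getID() . '&catid=' . $catid;
        $onclick = 'if (event && event.preventDefault) event.preventDefault(); window.open(this.href); return false;';
        $linkTitle = _BOOKMARKLET_NEW_WINDOW;
        $aTag = ' <a href="' . $href . '" onclick="' . $onclick . '" title="' . $linkTitle . '">';
        $message = _BOOKMARKLET_NEW_CATEGORY . $aTag . _BOOKMARKLET_NEW_CATEGORY_EDIT . '</a>';
        bm_message(_ITEM_UPDATED, _ITEM_UPDATED, $message, '');
    } else {
        bm_message(_ITEM_UPDATED, _ITEM_UPDATED, _ITEM_UPDATED, '');
    }
}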