$postpone = true; $added_time = mktime($from_date_hour, $from_date_minutes, 0, $from_date_month, $from_date_day, $from_date_year) + $config_date_adjust * 60; $decide_news_file = SERVDIR . "/cdata/postponed_news.txt"; } else { $postpone = false; $added_time = time() + $config_date_adjust * 60; $decide_news_file = SERVDIR . "/cdata/news.txt"; } // HTML saved if force or use wysiwig if ($if_use_html == "yes" || $use_wysiwyg) { $use_html = true; $options = edit_option($options, 'use_html', true); } $full_story = replace_news("add", $full_story, $use_html); $short_story = replace_news("add", $short_story, $use_html); $title = replace_news("add", $title, false); // HTML in title is not allowed // Check optional fields $optfields = array(); foreach ($cfg['more_fields'] as $i => $v) { if ($v[0] == '&' && $_REQUEST[$i] == false) { $optfields[] = substr($v, 1); } } // Replace code ---------------------------------------------------------------------------------------------------- if (count($optfields)) { $error_messages .= getpart('addnews_err', array(lang('Some fields can not be blank') . ': ' . implode(', ', $optfields))); } if (trim($title) == false) { $error_messages .= getpart('addnews_err', array(lang("The title can not be blank"))); }
$found = FALSE; $all_news = file($news_file); foreach ($all_news as $news_line) { $news_arr = explode("|", $news_line); if ($news_arr[0] == $id) { $found = TRUE; break; } } if ($found == TRUE) { $title = $news_arr[NEW_TITLE]; $date = date("j F Y h:i A", $news_arr[NEW_ID]); if ($news_arr[NEW_FULL] != "") { $news = replace_news("show", $news_arr[NEW_FULL]); } else { $news = replace_news("show", $news_arr[NEW_SHORT]); } echo <<<PRINTABLE <HTML> <HEAD> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>Printer Friendly Version</title> </HEAD> <BODY bgcolor="#ffffff" text="#000000" onload="window.print()"> <b>{$title}</b> @ <small>{$date}</small><hr>{$news}<hr> <small>News powered by CuteNews - http://cutephp.com</small> </BODY> </HTML> PRINTABLE; } else {
if (!empty($item_db[NEW_CAT])) { $all_these_cats = spsep($item_db[NEW_CAT]); foreach ($all_these_cats as $all_this_cat) { if (!in_array($all_this_cat, $allowed_cats) and isset($cat[$all_this_cat])) { msg("error", lang("Access Denied"), lang("This article is posted under category which you are not allowed to access."), '#GOBACK'); } } } $short_story_id = 'short_story'; $full_story_id = 'full_story'; $newstime = date("D, d F Y h:i:s", $item_db[0]); $item_db[NEW_TITLE] = stripslashes(preg_replace(array("'\\|'", "'\"'", "'\\''"), array("I", """, "'"), $item_db[NEW_TITLE])); // Are we using the WYSIWYG ? $use_wysiwyg = $config_use_wysiwyg == "no" ? 0 : 1; $item_db[NEW_SHORT] = replace_news("admin", $item_db[NEW_SHORT], $use_wysiwyg); $item_db[NEW_FULL] = replace_news("admin", $item_db[NEW_FULL], $use_wysiwyg); $CSRF = CSRFMake(); echoheader("editnews", lang("Edit News")); // make category lines $i = 0; if ($subaction == 'doeditnews') { $item_db[NEW_CAT] = join(',', $category); } if (count($cat_lines) > 0) { $lines_html = false; foreach ($cat_lines as $single_line) { $cat_arr = explode("|", $single_line); $lines_html .= "<td style='font-size:10px;' valign=top><label for='cat{$cat_arr[0]}'>"; if (in_array($cat_arr[NEW_ID], spsep($item_db[NEW_CAT]))) { $lines_html .= "<input checked style='background-color:transparent; border:0px;' type='checkbox' name='category[]' id='cat{$cat_arr[0]}' value='{$cat_arr[0]}'>{$cat_arr['1']}</label>"; } else {
$output = str_replace("{rssdate}", date("r", $news_arr[0]), $output); $output = str_replace("{rssauthor}", $name_to_nick[$news_arr[1]], $output); # end rss $output = str_replace("{news-id}", $news_arr[0], $output); $output = str_replace("{archive-id}", $archive, $output); $output = str_replace("{php-self}", $PHP_SELF, $output); $output = str_replace("{cute-http-path}", $config_http_script_dir, $output); # XFields v2.1 - addblock $xfieldsaction = "templatereplace"; $xfieldsinput = $output; $xfieldsid = $news_arr[0]; include "xfields.mdu"; $output = $xfieldsoutput; # XFields v2.1 - End addblock $output = run_filters('news-entry', $output); $output = replace_news("show", $output); if ($action == "showheadlines" or $content[1]) { #if full story if ($config_full_popup == "yes") { $output = preg_replace("/\\[full-link\\]/", "<a href=\"#\" onclick=\"window.open('{$config_http_script_dir}/show_news.php?aj_go=more&id={$news_arr['0']}&archive={$archive}&template={$template}', '_News', '{$config_full_popup_string}');return false;\">", $output); } else { $output = str_replace("[full-link]", "<a href=\"{$PHP_SELF}?aj_go=more&id={$news_arr['0']}&archive={$archive}&start_from={$my_start_from}&ucat={$news_arr['6']}&{$user_query}\">", $output); } $output = str_replace("[/full-link]", "</a>", $output); } else { $output = preg_replace("'\\[full-link\\].*?\\[/full-link\\]'si", "<!-- no full story-->", $output); } # $output = run_filters('news-active-comlink', $output); if ($config_comments_popup == "yes") { $output = str_replace("[com-link]", "<a href=\"#\" onclick=\"window.open('{$config_http_script_dir}/show_news.php?aj_go=more&template={$template}&id={$news_arr['0']}&archive={$archive}&start_from={$my_start_from}&ucat={$news_arr['6']}', '_News', '{$config_comments_popup_string}');return false;\">", $output); } else {
function template_replacer_news($news_arr, $output) { // Predefined Globals global $config_timestamp_active, $config_http_script_dir, $config_comments_popup, $config_comments_popup_string, $config_full_popup, $config_full_popup_string, $rss_news_include_url, $my_names, $my_start_from, $cat, $action, $cat_icon, $archive, $name_to_nick, $template, $user_query, $member_db, $_SESS, $PHP_SELF; // Short Story not exists if (empty($news_arr[NEW_FULL]) and strpos($output, '{short-story}') === false) { $news_arr[NEW_FULL] = $news_arr[NEW_SHORT]; } $output = more_fields($news_arr[NEW_MF], $output); // Date Formatting [year, month, day, hour, minute, date=$config_timestamp_active] list($output, $news_arr) = hook('template_replacer_news_before', array($output, $news_arr)); $output = embedateformat($news_arr[NEW_ID], $output); // Replace news content $output = str_replace("{title}", hesc($news_arr[NEW_TITLE]), $output); $output = str_replace("{author}", $my_names[$news_arr[NEW_USER]] ? $my_names[$news_arr[NEW_USER]] : $news_arr[NEW_USER], $output); $output = str_replace("{author-name}", hesc($name_to_nick[$news_arr[NEW_USER]]), $output); $output = str_replace("{short-story}", hesc($news_arr[NEW_SHORT]), $output); $output = str_replace("{full-story}", hesc($news_arr[NEW_FULL]), $output); // Replace system information $output = str_replace("{avatar-url}", $news_arr[NEW_AVATAR], $output); $output = str_replace("{category}", hesc(catid2name($news_arr[NEW_CAT])), $output); $output = str_replace("{category-url}", linkedcat($news_arr[NEW_CAT]), $output); $output = str_replace("{page-views}", false, $output); $output = str_replace("{phpself}", $PHP_SELF, $output); $output = str_replace("{index-link}", '<a href="' . $PHP_SELF . '">' . lang('Go back') . '</a>', $output); $output = str_replace("{back-previous}", '<a href="javascript:history.go(-1)">Go back</a>', $output); $output = str_replace("{cute-http-path}", $config_http_script_dir, $output); $output = str_replace("{news-id}", $news_arr[NEW_ID], $output); $output = str_replace("{category-id}", $news_arr[NEW_CAT], $output); $output = str_replace("{comments-num}", countComments($news_arr[NEW_ID], $archive), $output); $output = str_replace("{archive-id}", $archive, $output); $output = str_replace("{category-icon}", caticon($news_arr[NEW_CAT], $cat_icon, $cat), $output); $mf_for_avatar = options_extract($news_arr[NEW_MF]); if (array_key_exists('_avatar_width', $mf_for_avatar)) { $width_for_avatar = 'width:' . $mf_for_avatar['_avatar_width'] . ';'; } if (array_key_exists('_avatar_height', $mf_for_avatar)) { $height_for_avatar = 'height:' . $mf_for_avatar['_avatar_height'] . ';'; } $output = str_replace("{avatar}", $news_arr[NEW_AVATAR] ? '<img alt="" src="' . $news_arr[NEW_AVATAR] . '" style="border: none;' . $width_for_avatar . $height_for_avatar . '" />' : '', $output); $output = preg_replace('/\\[loggedin\\](.*?)\\[\\/loggedin\\]/is', empty($_SESS['user']) ? '' : '\\1', $output); // social plugins $output = str_replace('{fb-comments}', show_social_code('fb', $news_arr), $output); $output = str_replace('{fb-like}', show_social_code('fb-like', $news_arr), $output); $output = str_replace('{twitter}', show_social_code('twitter', $news_arr), $output); // in RSS we need the date in specific format if ($template == 'rss') { $output = str_replace("{date}", date("r", $news_arr[0]), $output); $output = str_replace("{rss-news-include-url}", $rss_news_include_url ? $rss_news_include_url : $config_http_script_dir . '/router.php', $output); } else { $output = str_replace("{date}", date($config_timestamp_active, $news_arr[NEW_ID]), $output); } // Star Rating if (empty($archive)) { $output = str_replace("{star-rate}", rating_bar($news_arr[NEW_ID], $news_arr[NEW_RATE]), $output); } else { $output = str_replace("{star-rate}", false, $output); } // Mail Exist in mailist ---------------------------------------------------- [mail]...[/mail] if (!empty($my_mails[$news_arr[NEW_USER]])) { $output = str_replace(array("[mail]", '[/mail]'), array('<a href="mailto:' . $my_mails[$news_arr[NEW_USER]] . '">', ''), $output); } else { $output = str_replace(array("[mail]", '[/mail]'), '', $output); } // By click to comments - popup window -------------------------------------- [com-link]...[/com-link] if ($config_comments_popup == "yes") { $URL = build_uri('subaction,id,ucat,start_from,template,archive', array('showcomments', $news_arr[NEW_ID], $news_arr[NEW_CAT], $my_start_from)); $output = str_replace(array('[com-link]', '[/com-link]'), array('<a href="#" onclick="window.open(\'' . $config_http_script_dir . '/router.php' . $URL . '\', \'News\', \'' . $config_comments_popup_string . '\'); return false;">', '</a>'), $output); } else { if ($archive) { $URL = RWU('archreadcomm', $PHP_SELF . build_uri('subaction,id,ucat,title,template,archive', array('showcomments', $news_arr[NEW_ID], $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE])))); } else { $URL = RWU('readcomm', $PHP_SELF . build_uri('subaction,id,ucat,title,template', array('showcomments', $news_arr[NEW_ID], $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE])))); } $output = str_replace(array("[com-link]", '[/com-link]'), array("<a href=\"{$URL}\">", '</a>'), $output); } // Open link --------------------------------------------------------------- [link]...[/link] $URL = build_uri('subaction,id,start_from,ucat,archive,template', array('showfull', $news_arr[NEW_ID], $my_start_from, $news_arr[NEW_CAT])); $URL .= "&#disqus_thread"; $output = preg_replace('/\\[link target\\=([a-z0-9_]+?)\\](.*?)\\[\\/link\\]/is', '<a href="' . $PHP_SELF . $URL . '" target="\\1">\\2</a>', $output); $output = str_replace(array("[link]", "[/link]"), array('<a href="' . $PHP_SELF . $URL . '">', "</a>"), $output); // With Action = showheadlines -------------------------------------------- [full-link]...[/full-link] if ($news_arr[NEW_FULL] or $action == "showheadlines") { if ($config_full_popup == "yes") { $URL = build_uri('subaction,id,archive,template', array('showfull', $news_arr[NEW_ID], $archive, $template)); // Popup string $attrlink = "href='#' onclick=\"window.open('{$config_http_script_dir}/router.php{$URL}', '_News', '{$config_full_popup_string}'); return false;\""; $output = preg_replace('/\\[full\\-link target\\=([a-z0-9_]+?)\\](.*?)\\[\\/full\\-link\\]/is', "<a {$attrlink} target='\\1'>\\2</a>", $output); $output = str_replace('[full-link]', "<a {$attrlink}>", $output); } else { $template = $template == 'Default' ? '' : $template; if ($archive) { $URL = RWU('archreadmore', $PHP_SELF . build_uri('subaction,id,archive,ucat,title,template', array('showfull', $news_arr[0], $archive, $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE]), $template)) . "&{$user_query}"); } else { $URL = RWU('readmore', $PHP_SELF . build_uri('subaction,id,ucat,title,template', array('showfull', $news_arr[0], $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE]), $template)) . "&{$user_query}"); } // Target string $attrlink = "href='{$URL}'"; $output = preg_replace('/\\[full\\-link target\\=([a-z0-9_]+?)\\](.*?)\\[\\/full\\-link\\]/is', "<a {$attrlink} target='\\1'>\\2</a>", $output); $output = str_replace("[full-link]", "<a {$attrlink}>", $output); } $output = str_replace("[/full-link]", "</a>", $output); } else { $output = preg_replace('~\\[full-link.*?\\].*?\\[/full-link\\]~si', '<!-- no full story-->', $output); } // Admin can edit for news ------------------------------------------------ [edit]...[/edit] $DREdit = false; if (empty($_SESS['user']) == false) { $member_db = user_search($_SESS['user']); if (in_array($member_db[UDB_ACL], array(ACL_LEVEL_ADMIN, ACL_LEVEL_JOURNALIST))) { $url = '/index.php' . build_uri('mod,action,id,source', array('editnews', 'editnews', $news_arr[NEW_ID], $archive)); $output = preg_replace('/\\[edit\\]/i', '<a target="_blank" href="' . $config_http_script_dir . $url . '">', $output); $output = preg_replace('/\\[\\/edit\\]/i', '</a>', $output); $DREdit = true; } } // If not used, replace [edit]..[/edit] if ($DREdit == false) { $output = preg_replace('~\\[edit\\].*?\\[/edit\\]~si', '', $output); } list($output, $news_arr) = hook('template_replacer_news_middle', array($output, $news_arr)); $output = replace_news("show", $output); list($output) = hook('template_replacer_news_after', array($output, $news_arr)); return $output; }