*
* This page calls the Edit Article Controller
*
* Copyright (c) 2012 OWASP
*
* LICENSE:
*
* This file is part of Hackademic CMS (https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project).
*
* Hackademic CMS is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
* License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any
* later version.
*
* Hackademic CMS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with Hackademic CMS. If not, see
* <http://www.gnu.org/licenses/>.
*
*
* @author Pragya Gupta <pragya18nsit[at]gmail[dot]com>
* @author Konstantinos Papapanagiotou <conpap[at]gmail[dot]com>
* @license http://www.gnu.org/licenses/gpl.html
* @copyright 2012 OWASP
*
*/

// Page entry point: load the bootstrap, load the controller class, run the
// controller and write whatever it returns to the response.

// A path starting with "../" bypasses include_path and is resolved against the
// current working directory, not against this file's directory.
// NOTE(review): presumably this page is always requested directly — confirm.
require_once "../../init.php";

// HACKADEMIC_PATH is not defined in this file; presumably init.php sets it.
require_once HACKADEMIC_PATH . "admin/controller/class.EditArticleController.php";

// NOTE(review): no login or role check is visible in this file; access control
// for the page has to come from init.php or the controller — confirm.
$controller = new EditArticleController();

// The return value of go() is echoed as-is, so any output escaping must already
// have happened inside the controller or its template.
echo $controller->go();
// Fragment of a controller method: the method header and the blocks enclosing
// this code start before this excerpt. $user, $session, $articleDAO and
// $form_errors are set outside the visible code.

// Take the article id from the query string; a missing id becomes "".
// NOTE(review): the value is used as received; no type or format check is
// applied in this fragment.
$form_values["id"] = isset($_GET["id"]) ? $_GET["id"] : "";
// empty() is also true for the string "0", so that id is redirected as if it
// were missing.
if (empty($form_values["id"])) {
    // No usable id: redirect to BASE_URL and return so nothing below runs.
    header("Location: " . BASE_URL);
    return;
} else {
    // The request-supplied id is handed to the DAO unchanged.
    // NOTE(review): load() is not visible here; confirm it binds the id as a
    // query parameter instead of building the query by concatenation.
    $article = $articleDAO->load($form_values["id"]);
    // Article does not exist: the empty branch does nothing, so the falsy
    // $article reaches render() below and the template has to cope with it.
    if (!$article) {
    } else {
        // Authorization for opening the edit form: only an admin, or the user
        // whose id equals the article's userId, gets past this check.
        // NOTE(review): != compares loosely; confirm both ids have the same
        // type, or compare strictly after normalising them.
        // NOTE(review): any code that saves the edited article is outside this
        // fragment; confirm it applies the same ownership check.
        if (!$user->isAdmin() && $article->userId != $user->id) {
            // Denied: queue an error message, redirect, and return so the form
            // is never rendered for this user.
            $session->setMessage("Do not have permission to edit article", Session::MESSAGE_ERROR);
            header("Location: " . BASE_URL);
            return;
        } else {
            // Pre-fill the form from the loaded article.
            $form_values["id"] = $article->getId();
            $form_values["title"] = $article->getTitle();
            $form_values["content"] = $article->getContent();
            // Kept as the strings "true"/"false" rather than a boolean.
            $form_values["published"] = $article->getPublished() == true ? "true" : "false";
            // "%d %B %Y" is day, full month name, year; %B follows the current locale.
            // NOTE(review): strftime() is deprecated as of PHP 8.1.
            $form_values["postDate"] = strftime("%d %B %Y", $article->getPostDate());
            // An update date that is not greater than 0 is shown as an empty string.
            $form_values["updateDate"] = $article->getUpdateDate() > 0 ? strftime("%d %B %Y", $article->getUpdateDate()) : "";
            $form_values["tags"] = $article->getTags();
        }
    }
}
// The next two braces close blocks that were opened before this fragment.
}
}
// Render the edit page with the session, the article and the form state.
// NOTE(review): title, content and tags are passed on as loaded; HTML escaping
// is presumably done in edit_article_tpl.php — confirm.
$this->template->render(array("title" => "Edit Article",
    "extra_header" => joinPath("headers", "jscal_header_tpl.php"),
    "main_page" => "edit_article_tpl.php",
    "session" => $session,
    "article" => $article,
    "form_errors" => $form_errors,
    "form_values" => $form_values));
} // presumably the end of the method
} // presumably the end of the class

// Page entry point: instantiate the controller and run it.
$controller = new EditArticleController();
$controller->run();