<?php require_once($GLOBALS['g_campsiteDir']. "/$ADMIN_DIR/sections/section_common.php"); if (!SecurityToken::isValid()) { camp_html_display_error(getGS('Invalid security token!')); exit; } if (!$g_user->hasPermission('ManageSection')) { camp_html_display_error(getGS("You do not have the right to add sections.")); exit; } $Pub = Input::Get('Pub', 'int', 0); $Issue = Input::Get('Issue', 'int', 0); $Section = Input::Get('Section', 'int', 0); $Language = Input::Get('Language', 'int', 0); $cSubs = Input::Get('cSubs', 'string', '', true); $cShortName = trim(Input::Get('cShortName', 'string')); $cDescription = trim(Input::Get('cDescription')); $cSectionTplId = Input::Get('cSectionTplId', 'int', 0); $cArticleTplId = Input::Get('cArticleTplId', 'int', 0); $cName = Input::Get('cName'); if ($cSectionTplId < 0) { $cSectionTplId = 0; } if ($cArticleTplId < 0) { $cArticleTplId = 0;
/**
 * JSON action: apply one status to one or more feedback entries.
 *
 * Reads `status` and `feedback` (a single id or a list of ids) from the
 * request. The security token is checked before either parameter is read.
 * The outcome is reported through $this->view->status / ->message.
 *
 * NOTE(review): no permission check is visible inside this action; presumably
 * the controller or its ACL layer enforces one. Confirm.
 */
public function setStatusAction()
{
    $this->getHelper('contextSwitch')->addActionContext('set-status', 'json')->initContext();

    // Refuse the request outright when the security token does not validate.
    if (!SecurityToken::isValid()) {
        $this->view->status = 401;
        $this->view->message = getGS('Invalid security token!');
        return;
    }

    $request = $this->getRequest();
    $status = $request->getParam('status');
    $submitted = $request->getParam('feedback');

    // A single id is wrapped so the repository always receives a list.
    $feedbacks = is_array($submitted) ? $submitted : array($submitted);

    try {
        // The looked-up entity is discarded; only a lookup that throws has an effect.
        // NOTE(review): $status and the ids reach setStatus() exactly as submitted,
        // so any allow-list for status values has to live in the repository.
        foreach ($feedbacks as $id) {
            $this->feedbackRepository->find($id);
        }
        $this->feedbackRepository->setStatus($feedbacks, $status);
        $this->feedbackRepository->flush();
    } catch (Exception $error) {
        // NOTE(review): the raw exception code and message go back to the client;
        // confirm they cannot carry internal details.
        $this->view->status = $error->getCode();
        $this->view->message = $error->getMessage();
        return;
    }

    $this->view->status = 200;
    $this->view->message = 'succcesful';
}
unset($doAction[$articleNumber]); } } } } // // This section is executed when the user finally hits the action button. // if (isset($_REQUEST["action_button"])) { $srcArticleIndexUrl = "/{$ADMIN}/articles/" . "?f_publication_id={$f_publication_id}" . "&f_issue_number={$f_issue_number}" . "&f_section_number={$f_section_number}" . "&f_language_id={$f_language_id}"; $destArticleIndexUrl = "/{$ADMIN}/articles/" . "?f_publication_id={$f_destination_publication_id}" . "&f_issue_number={$f_destination_issue_number}" . "&f_section_number={$f_destination_section_number}" . "&f_language_id={$f_language_id}"; // If no actions were selected, dont do anything. if ($f_action != "move" && count($doAction) == 0) { camp_html_goto_page($srcArticleIndexUrl); } if (!empty($f_action) && !SecurityToken::isValid()) { camp_html_display_error($translator->trans('Invalid security token!')); exit; } if ($f_action == "duplicate") { global $controller; $em = Zend_Registry::get('container')->getService('em'); $ArticleDatetimeRepository = $controller->getHelper('entity')->getRepository('Newscoop\\Entity\\ArticleDatetime'); foreach ($doAction as $articleNumber => $languageArray) { $events = $ArticleDatetimeRepository->findBy(array('articleId' => $articleNumber)); $languageArray = array_keys($languageArray); $tmpLanguageId = camp_array_peek($languageArray); // Error checking if (!isset($articles[$articleNumber][$tmpLanguageId])) { continue; }
<?php require_once $GLOBALS['g_campsiteDir'] . "/{$ADMIN_DIR}/articles/article_common.php"; require_once $GLOBALS['g_campsiteDir'] . "/{$ADMIN_DIR}/javascript_common.php"; require_once $GLOBALS['g_campsiteDir'] . "/classes/ArticleType.php"; global $Campsite; $translator = \Zend_Registry::get('container')->getService('translator'); if (isset($_POST['f_save']) && !SecurityToken::isValid()) { camp_html_display_error($translator->trans('Invalid security token!')); exit; } if (!$g_user->hasPermission('ManageIssue') || !$g_user->hasPermission('AddArticle')) { camp_html_display_error($translator->trans("You do not have the right to import XML archives.", array(), 'articles')); exit; } // Whether form was submitted $f_save = Input::Get('f_save', 'string', '', true); // The article location dropdowns cause this page to reload, // so we need to preserve the state with each refresh. $f_article_type = Input::Get('f_article_type', 'string', '', true); $f_article_language_id = Input::Get('f_article_language_id', 'int', 0, true); // For choosing the article location. $f_publication_id = Input::Get('f_publication_id', 'int', 0, true); $f_issue_number = Input::Get('f_issue_number', 'int', 0, true); $f_section_number = Input::Get('f_section_number', 'int', 0, true); // Whether articles must be overwritten $f_overwrite_articles = Input::Get('f_overwrite_articles', 'string', '', true); // Build the back link $backlink = $Campsite['WEBSITE_URL'] . DIR_SEP . 'admin' . DIR_SEP . 'articles' . DIR_SEP . basename(__FILE__); if ($f_save) { if (isset($_FILES["f_input_file"])) {
/**
 * Check the security token of the current request.
 *
 * Thin wrapper: the result of SecurityToken::isValid() is returned unchanged,
 * so callers must still act on a false result themselves.
 *
 * @return bool
 */
public function checkToken()
{
    $tokenIsValid = SecurityToken::isValid();

    return $tokenIsValid;
}
/**
 * JSON action: store a reply comment on behalf of the current user.
 *
 * The security token is checked first. On a POST request the submitted
 * parameters are saved as a new Comment, with user, creation time, IP and
 * status set server-side. On any other method the unsaved Comment is handed
 * to the view.
 *
 * NOTE(review): every request parameter is passed to save(); only the four keys
 * set below are overridden here. Confirm save() ignores fields a client must
 * not control.
 */
public function replyAction()
{
    $translator = \Zend_Registry::get('container')->getService('translator');
    $this->getHelper('contextSwitch')->addActionContext('reply', 'json')->initContext();

    // Reject before touching any request data when the token is invalid.
    if (!SecurityToken::isValid()) {
        $this->view->status = 401;
        $this->view->message = $translator->trans('Invalid security token!');
        return;
    }

    $request = $this->getRequest();
    $values = $request->getParams();
    $comment = new Comment();

    if (!$request->isPost()) {
        $this->view->comment = $comment;
        return;
    }

    // Server-side values replace whatever the client sent under the same keys.
    $values['user'] = Zend_Registry::get('user');
    $values['time_created'] = new DateTime();
    // NOTE(review): if this is Zend_Controller_Request_Http, getClientIp() consults
    // client-supplied proxy headers by default; confirm that is acceptable for the
    // address stored with the comment.
    $values['ip'] = $request->getClientIp();
    $values['status'] = 'approved';

    try {
        $comment = $this->commentRepository->save($comment, $values);
        $this->commentRepository->flush();
    } catch (Exception $error) {
        // NOTE(review): raw exception code and message are returned to the client.
        $this->view->status = $error->getCode();
        $this->view->message = $error->getMessage();
        return;
    }

    $this->view->status = 200;
    $this->view->message = "succcesful";
    // The id assigned here is replaced by the object on the next line (as in the original).
    $this->view->comment = $comment->getId();
    $this->view->comment = $comment;
}
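/**
 * Validate the submitted interview-item form and store it on this object.
 *
 * Nothing is written unless the form validates and the security token is
 * valid. A new item is created first when this object has no id yet. The
 * question, answer and status fields are only written when the submitted
 * value is a non-empty string.
 *
 * @param string $p_type form variant passed to InterviewItem::getFormMask()
 * @return bool true when the submission was accepted and applied, false otherwise
 */
public function store($p_type='item')
{
    require_once 'HTML/QuickForm.php';

    // These three names were read below without being defined in this scope,
    // so null was what actually got passed, with an "undefined variable" notice.
    // Initialising them keeps that behaviour and makes it visible.
    // NOTE(review): the form mask is therefore always built with a null
    // owner/admin flag; confirm that is the intended (non-privileged) mask.
    $p_owner = null;
    $p_admin = null;
    $p_target = null;

    $mask = InterviewItem::getFormMask($p_type, $p_owner, $p_admin);
    $form = new html_QuickForm('interviewitem', 'post', $p_target, null, null, true);
    FormProcessor::parseArr2Form($form, $mask);

    // Both gates must pass: form validation and the security token.
    if (!($form->validate() && SecurityToken::isValid())) {
        return false;
    }

    $data = $form->getSubmitValues();

    if ($this->getId()==0) {
        $this->create($data['f_questioneer_user_id'], $data['f_question'], $data['f_status']);
        $this->setInterviewId($data['f_interview_id']);
        // NOTE(review): this reads 'fk_questioneer_user_id' while create() above reads
        // 'f_questioneer_user_id'; one of the two keys is presumably a typo. Verify.
        $this->setQuestioneerwId($data['fk_questioneer_user_id']);
    }

    // Only overwrite a property when a non-empty value was submitted.
    if (strlen($data['f_question'])) {
        $this->setProperty('question', $data['f_question']);
    }
    if (strlen($data['f_answer'])) {
        $this->setProperty('answer', $data['f_answer']);
    }
    if (strlen($data['f_status'])) {
        $this->setProperty('status', $data['f_status']);
    }

    return true;
}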
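/**
 * Validate the submitted blog-entry form, then update this entry or create a new one.
 *
 * Nothing is written unless the form validates and the security token is
 * valid. Fields not listed in self::$m_html_allowed_fields are passed through
 * htmlspecialchars_array() first. With a submitted f_entry_id the entry is
 * updated field by field; otherwise a new entry is created.
 *
 * @param mixed $p_admin   flag handed to _getFormMask(); when truthy the admin_status field is accepted
 * @param mixed $p_user_id user id passed to create() for a new entry
 * @return bool true when the entry was updated or created, false otherwise
 */
function store($p_admin, $p_user_id=null)
{
    require_once 'HTML/QuickForm.php';

    $mask = $this->_getFormMask($p_admin);
    $form = new html_QuickForm('blog_entry', 'post', '', null, null, true);
    FormProcessor::parseArr2Form($form, $mask);

    if ($form->validate() && SecurityToken::isValid()){
        $data = $form->getSubmitValues(true);

        foreach ($data['BlogEntry'] as $k => $v) {
            // clean user input
            // NOTE(review): in_array() compares loosely here, so on PHP < 8 an integer
            // key 0 matches any non-numeric name in the allow-list and skips escaping.
            // Consider a strict comparison once the list is confirmed to hold strings.
            if (!in_array($k, self::$m_html_allowed_fields)) {
                $data['BlogEntry'][$k] = htmlspecialchars_array($v);
            }
        }

        if ($data['f_entry_id']) {
            foreach ($data['BlogEntry'] as $k => $v) {
                // Mirror the create branch below, which accepts admin_status only from
                // an admin. Without this guard an update would write every submitted key.
                if ($k === 'admin_status' && !$p_admin) {
                    continue;
                }

                if (is_array($v)) {
                    // Collapse a checkbox-style array into "key1, key2" of the ticked keys.
                    // The original appended to an uninitialised $string, which raised a
                    // notice and gave substr() nothing to work on when no box was ticked.
                    $v = implode(', ', array_keys(array_filter($v)));
                }
                $this->setProperty($k, $v);
            }

            // NOTE(review): the image helpers are keyed on the submitted f_entry_id, not
            // on this object's own id; confirm the caller loaded $this from that same id.
            if ($data['BlogEntry_Image_remove']) {
                BlogImageHelper::RemoveImageDerivates('entry', $data['f_entry_id']);
            }
            if ($data['BlogEntry_Image']) {
                BlogImageHelper::StoreImageDerivates('entry', $data['f_entry_id'], $data['BlogEntry_Image']);
            }
            Blog::TriggerCounters(self::GetBlogId($data['f_entry_id']));

            return true;
        } elseif ($this->create(
                        $data['f_blog_id'],
                        $p_user_id,
                        $data['BlogEntry']['title'],
                        $data['BlogEntry']['content'],
                        $data['f_mood_id'])) {
            // admin and owner can override status setting
            if ($data['BlogEntry']['status']) {
                $this->setProperty('status', $data['BlogEntry']['status']);
            }
            if ($p_admin && $data['BlogEntry']['admin_status']) {
                $this->setProperty('admin_status', $data['BlogEntry']['admin_status']);
            }
            if ($data['BlogEntry_Image']) {
                BlogImageHelper::StoreImageDerivates('entry', $this->getProperty('entry_id'), $data['BlogEntry_Image']);
            }
            Blog::TriggerCounters($this->getProperty('fk_blog_id'));

            return true;
        }
    }

    return false;
}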
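/**
 * Validate the submitted invitation form and store sender, subject and both templates.
 *
 * Nothing is written unless the form validates and the security token is
 * valid. Inside each template, URL-encoded `{{ ... }}` placeholders are
 * URL-decoded, then HTML entities inside `{{ ... }}` placeholders are decoded.
 *
 * NOTE(review): the decoded placeholders are stored as submitted; whatever
 * later renders these templates should treat them as user-authored input.
 *
 * @return bool|null true when the invitation settings were stored; null
 *                   (no explicit return) when validation or the token check fails
 */
public function storeInvitation()
{
    require_once 'HTML/QuickForm.php';

    // $p_target was read without being defined in this scope, so null was what
    // got passed as the form action. Initialising it keeps that behaviour
    // without the "undefined variable" notice.
    $p_target = null;

    $mask = self::getInvitationFormMask();
    $form = new html_QuickForm('invitation', 'post', $p_target, null, null, true);
    FormProcessor::parseArr2Form($form, $mask);

    if ($form->validate() && SecurityToken::isValid()) {
        $data = $form->getSubmitValues();

        // Closures replace create_function(), which builds its callback by evaluating
        // a code string and no longer exists in PHP 8.
        $decodeUrl = function ($input) {
            return urldecode($input[0]);
        };
        $decodeEntities = function ($input) {
            return html_entity_decode($input[0]);
        };

        foreach (array('f_invitation_template_guest', 'f_invitation_template_questioneer') as $field) {
            // With the /u modifier, a subject that is not valid UTF-8 makes
            // preg_replace_callback() return null, which would then be stored.
            $data[$field] = preg_replace_callback('/(%7B%7B.*%7D%7D)/u', $decodeUrl, $data[$field]);
            $data[$field] = preg_replace_callback('/{{[^}]*}}/', $decodeEntities, $data[$field]);
        }

        $this->setProperty('invitation_sender', $data['f_invitation_sender']);
        $this->setProperty('invitation_subject', $data['f_invitation_subject']);
        $this->setProperty('invitation_template_guest', $data['f_invitation_template_guest']);
        $this->setProperty('invitation_template_questioneer', $data['f_invitation_template_questioneer']);

        return true;
    }
}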
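/**
 * Validate the submitted blog form, then update this blog or create a new one.
 *
 * Nothing is written unless the form validates and the security token is
 * valid. Fields not listed in self::$m_html_allowed_fields are passed through
 * htmlspecialchars_array() first. With a submitted f_blog_id the blog is
 * updated field by field; otherwise a new blog is created.
 *
 * @param mixed $p_admin   flag handed to getFormMask(); when truthy the admin_* fields are accepted
 * @param mixed $p_user_id owner for a new blog; when not set, the submitted Blog[fk_user_id] is used
 * @return bool true when the blog was updated or created, false otherwise
 */
function store($p_admin, $p_user_id=null)
{
    require_once 'HTML/QuickForm.php';

    $mask = $this->getFormMask($p_admin);
    $form = new html_QuickForm('blog', 'post', '', null, null, true);
    FormProcessor::parseArr2Form($form, $mask);

    if ($form->validate() && SecurityToken::isValid()){
        $data = $form->getSubmitValues(true);

        foreach ($data['Blog'] as $k => $v) {
            // clean user input
            // NOTE(review): in_array() compares loosely here, so on PHP < 8 an integer
            // key 0 matches any non-numeric name in the allow-list and skips escaping.
            // Consider a strict comparison once the list is confirmed to hold strings.
            if (!in_array($k, self::$m_html_allowed_fields)) {
                $data['Blog'][$k] = htmlspecialchars_array($v);
            }
        }

        if ($data['f_blog_id']) {
            foreach ($data['Blog'] as $k => $v) {
                // Mirror the create branch below, which accepts admin_status and
                // admin_remark only from an admin. Without this guard an update would
                // write every submitted key.
                if (!$p_admin && ($k === 'admin_status' || $k === 'admin_remark')) {
                    continue;
                }
                $this->setProperty($k, $v);
            }

            // NOTE(review): the image helpers are keyed on the submitted f_blog_id, not
            // on this object's own id; confirm the caller loaded $this from that same id.
            if ($data['Blog_Image_remove']) {
                BlogImageHelper::RemoveImageDerivates('blog', $data['f_blog_id']);
            }
            if ($data['Blog_Image']) {
                BlogImageHelper::StoreImageDerivates('blog', $data['f_blog_id'], $data['Blog_Image']);
            }

            return true;
        } elseif ($this->create(
                        // NOTE(review): without $p_user_id the owner id comes from the form.
                        isset($p_user_id) ? $p_user_id : $data['Blog']['fk_user_id'],
                        $data['Blog']['fk_language_id'],
                        $data['Blog']['title'],
                        $data['Blog']['info'],
                        $data['Blog']['request_text'],
                        $data['Blog']['feature'])) {
            if ($data['Blog']['status']) {
                $this->setProperty('status', $data['Blog']['status']);
            }
            if ($p_admin && $data['Blog']['admin_status']) {
                $this->setProperty('admin_status', $data['Blog']['admin_status']);
            }
            if ($p_admin && $data['Blog']['admin_remark']) {
                $this->setProperty('admin_remark', $data['Blog']['admin_remark']);
            }
            if ($data['Blog_Image']) {
                // The original tested Blog_Image but stored BlogEntry_Image, a key from
                // the blog-entry form. Store the upload that was actually tested.
                BlogImageHelper::StoreImageDerivates('blog', $this->getProperty('blog_id'), $data['Blog_Image']);
            }

            return true;
        }
    }

    return false;
}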
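<?php
// Opening section of the admin page that imports articles from an XML archive:
// bootstrap includes, security-token and permission gates, request parameters.
require_once($GLOBALS['g_campsiteDir']."/$ADMIN_DIR/articles/article_common.php");
require_once($GLOBALS['g_campsiteDir']."/$ADMIN_DIR/javascript_common.php");
require_once($GLOBALS['g_campsiteDir']."/classes/ArticleType.php");

global $Campsite;

// Security-token gate for the submitted form. !empty() keeps the original truthiness
// test but no longer reads an undefined index when the page is loaded without f_save.
// NOTE(review): the gate looks only at $_POST, while $f_save below comes from
// Input::Get(). If Input::Get() also accepts values from outside the POST body, the
// two can disagree and the token would not be checked. Consider gating on $f_save.
if (!empty($_POST['f_save']) && !SecurityToken::isValid()) {
    camp_html_display_error(getGS('Invalid security token!'));
    exit;
}

// Both permissions are required to use the import page at all.
if (!$g_user->hasPermission('ManageIssue') || !$g_user->hasPermission('AddArticle')) {
    camp_html_display_error(getGS("You do not have the right to import XML archives."));
    exit;
}

// Whether form was submitted
$f_save = Input::Get('f_save', 'string', '', true);

// The article location dropdowns cause this page to reload,
// so we need to preserve the state with each refresh.
$f_article_type = Input::Get('f_article_type', 'string', '', true);
$f_article_language_id = Input::Get('f_article_language_id', 'int', 0, true);

// For choosing the article location.
$f_publication_id = Input::Get('f_publication_id', 'int', 0, true);
$f_issue_number = Input::Get('f_issue_number', 'int', 0, true);
$f_section_number = Input::Get('f_section_number', 'int', 0, true);

// Whether articles must be overwritten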
* @author Paweł Mikołajczuk <*****@*****.**> * @copyright 2010 Sourcefabric o.p.s. * @license http://www.gnu.org/licenses/gpl.txt * @link http://www.sourcefabric.org */
// Opening section of the image-upload handler: read the request, apply the
// security-token and permission gates, and bail out when nothing was uploaded.
use Symfony\Component\HttpFoundation\File\UploadedFile;

$translator = \Zend_Registry::get('container')->getService('translator');
$container = \Zend_Registry::get('container');
$request = $container->get('request');
// Presumably a Symfony Request, whose ->request bag holds the submitted body fields.
$params = $request->request->all();

$f_image_url = Input::Get('f_image_url', 'string', '', true);
// Everything below is taken from the submitted parameters as-is (no cast, no validation).
$nrOfFiles = isset($params['uploader_count']) ? $params['uploader_count'] : 0;
$f_article_edit = isset($params['f_article_edit']) ? $params['f_article_edit'] : null;
$f_language_id = isset($params['f_language_id']) ? $params['f_language_id'] : null;
$f_article_number = isset($params['f_article_number']) ? $params['f_article_number'] : null;

// NOTE(review): $f_article_edit is a request parameter, and when it is present
// both the security-token check and the AddImage permission check below are skipped.
// Confirm the article-attach flow enforces its own token and permission checks before
// control reaches this script. Otherwise remove the !isset($f_article_edit) exemption.
if (!SecurityToken::isValid() && !isset($f_article_edit)) {
    camp_html_display_error($translator->trans('Invalid security token!'));
    exit;
}

if (!$g_user->hasPermission('AddImage') && !isset($f_article_edit)) {
    camp_html_display_error($translator->trans("You do not have the right to add images.", array(), 'media_archive'));
    exit;
}

// Neither a remote image URL nor an uploaded file: report it and send the user back.
if (empty($f_image_url) && empty($nrOfFiles)) {
    camp_html_add_msg($translator->trans("You must select an image file to upload.", array(), 'media_archive'));
    if ($f_article_edit) {
        // NOTE(review): $f_article_number and $f_language_id are concatenated into the
        // redirect path unvalidated; casting them to int here would be safer.
        // Presumably camp_html_goto_page() ends the request, so only one redirect runs.
        camp_html_goto_page('/' . $ADMIN . '/image/article-attach/article_number/' . $f_article_number . '/language_id/' . $f_language_id);
    }
    camp_html_goto_page("/{$ADMIN}/media-archive/add.php");
}

$images = array();