Example #1
     // Copy across every fact of the record (as returned by getFacts() with WT_PRIV_HIDE) whose ID is not listed in $fact_ids
     foreach ($record->getFacts(null, false, WT_PRIV_HIDE) as $fact) {
         // NOTE(review): in_array() is called without its strict flag, so IDs are matched with loose (==) comparison - confirm the ID types make that safe
         if (!in_array($fact->getFactId(), $fact_ids)) {
             $gedcom .= "\n" . $fact->getGedcom();
         }
     }
     // Append the new facts
     foreach ($facts as $fact) {
         // NOTE(review): each entry is concatenated as-is; presumably $facts is raw GEDCOM text from the client - confirm it is validated before this point
         $gedcom .= "\n" . $fact;
     }
     // Clean up the client's editing: collapse every run of CR/LF characters into a single "\n", which also removes empty lines
     $gedcom = preg_replace('/[\\r\\n]+/', "\n", $gedcom);
     // Strip leading/trailing whitespace
     $gedcom = trim($gedcom);
     // Store the rebuilt text on the record; the meaning of the second argument (false) is not visible in this excerpt
     $record->updateRecord($gedcom, false);
     // Queue the inline script that closes the popup and reloads the parent window
     $controller->addInlineJavascript('closePopupAndReloadParent();');
     break;
     ////////////////////////////////////////////////////////////////////////////////
 ////////////////////////////////////////////////////////////////////////////////
 case 'editrawfact':
     // Show one fact of a record for raw editing; both identifiers come from the query string
     // xref is read with WT_REGEX_XREF passed as the filter pattern
     $xref = WT_Filter::get('xref', WT_REGEX_XREF);
     // NOTE(review): no pattern is passed for fact_id; in the visible code it is only compared against getFactId() - confirm it is never echoed or stored unescaped
     $fact_id = WT_Filter::get('fact_id');
     $record = WT_GedcomRecord::getInstance($xref);
     // Access check runs before any fact is looked up; presumably it stops the request when access is refused - confirm
     check_record_access($record);
     // Find the fact to edit
     $edit_fact = null;
     foreach ($record->getFacts() as $fact) {
         if ($fact->getFactId() == $fact_id && $fact->canEdit()) {
             $edit_fact = $fact;
             break;
         }
Example #2
// Read the message form. body, from_name and from_email are taken without a filter pattern.
// NOTE(review): these three values are request-supplied free text - confirm every later use (HTML output, mail headers, log lines) escapes them for its own context
$body = WT_Filter::post('body');
$from_name = WT_Filter::post('from_name');
$from_email = WT_Filter::post('from_email');
// action and method are restricted to the listed alternatives, with a default as the last argument
$action = WT_Filter::post('action', 'compose|send', 'compose');
// Recipient: POST value first, falling back to the query string; no pattern is applied (null)
$to = WT_Filter::post('to', null, WT_Filter::get('to'));
$method = WT_Filter::post('method', 'messaging|messaging2|messaging3|mailto|none', WT_Filter::get('method', 'messaging|messaging2|messaging3|mailto|none', 'messaging2'));
$url = WT_Filter::postUrl('url', WT_Filter::getUrl('url'));
$controller = new WT_Controller_Simple();
$controller->setPageTitle(WT_I18N::translate('webtrees message'));
$to_user = User::findByIdentifier($to);
// Only admins can send broadcast messages
// A request is rejected for non-admins when the recipient is unknown or is one of the three broadcast keywords.
// NOTE(review): the keyword tests use loose (==) comparison; $to is presumably always a string or null here - confirm, or compare with ===
if ((!$to_user || $to == 'all' || $to == 'last_6mo' || $to == 'never_logged') && !Auth::isAdmin()) {
    // TODO, what if we have a user called "all" or "last_6mo" or "never_logged" ???
    // With the check above, a non-admin can never message such a user: the keyword test wins over the user lookup
    WT_FlashMessages::addMessage(WT_I18N::translate('Message was not sent'));
    $controller->pageHeader();
    $controller->addInlineJavascript('window.opener.location.reload(); window.close();');
    exit;
}
$errors = '';
// Is this message from a member or a visitor?
if (WT_USER_ID) {
    $from = WT_USER_NAME;
} else {
    // Visitors must provide a valid email address
    // An address is rejected when it does not contain "x@y", or - only where checkdnsrr() exists - when the lookup for the part after "@" returns false.
    // && binds tighter than ||, so the DNS test is the second alternative as a whole.
    // NOTE(review): the test is skipped when $from_email is empty, and the pattern is unanchored, so any string that merely contains "x@y" passes;
    // confirm the address is validated strictly (e.g. filter_var() with FILTER_VALIDATE_EMAIL) before it is used in a mail header.
    if ($from_email && (!preg_match("/(.+)@(.+)/", $from_email, $match) || function_exists('checkdnsrr') && checkdnsrr($match[2]) === false)) {
        $errors .= '<p class="ui-state-error">' . WT_I18N::translate('Please enter a valid email address.') . '</p>';
        // Send the visitor back to the compose form instead of sending
        $action = 'compose';
    }
    // Do not allow anonymous visitors to include links to external sites
    if (preg_match('/(?!' . preg_quote(WT_SERVER_NAME, '/') . ')(((?:ftp|http|https):\\/\\/)[a-zA-Z0-9.-]+)/', $subject . $body, $match)) {
        $errors .= '<p class="ui-state-error">' . WT_I18N::translate('You are not allowed to send messages that contain external links.') . '</p>' . '<p class="ui-state-highlight">' . WT_I18N::translate('You should delete the “%1$s” from “%2$s” and try again.', $match[2], $match[1]) . '</p>' . Log::addAuthenticationLog('Possible spam message from "' . $from_name . '"/"' . $from_email . '", subject="' . $subject . '", body="' . $body . '"');
Example #3
        // Second table cell of the "set link" form: an empty ID input when no target is chosen yet, otherwise the target record's list entry
        if ($linkto == "repository") {
            echo WT_I18N::translate('Repository'), "</td>";
            echo '<td  class="optionbox wrap">';
            if ($linktoid == "") {
                // $linktoid is written into the value attribute unescaped; this branch only runs when it compares equal to "".
                // NOTE(review): if the condition is ever relaxed, the value must be HTML-attribute-escaped first
                echo '<input class="pedigree_form" type="text" name="linktoid" id="linktorid" size="3" value="', $linktoid, '">';
            } else {
                // NOTE(review): the getInstance() result is used without a null check, and no access check is visible in this excerpt - confirm both are handled upstream
                $record = WT_Repository::getInstance($linktoid);
                echo $record->format_list('span', false, $record->getFullName());
            }
        }
        if ($linkto == "note") {
            echo WT_I18N::translate('Shared note'), "</td>";
            echo '<td  class="optionbox wrap">';
            if ($linktoid == "") {
                // Same pattern as the repository branch: the echoed value is empty while this condition holds
                echo '<input class="pedigree_form" type="text" name="linktoid" id="linktonid" size="3" value="', $linktoid, '">';
            } else {
                // NOTE(review): as above, no null check on the looked-up record is visible here
                $record = WT_Note::getInstance($linktoid);
                echo $record->format_list('span', false, $record->getFullName());
            }
        }
        // Close the cell and row, then emit the submit row and close the table and form
        echo '</td></tr>';
        echo '<tr><td class="topbottombar" colspan="2"><input type="submit" value="', WT_I18N::translate('Set link'), '"></td></tr>';
        echo '</table>';
        echo '</form>';
    } elseif ($action == "update" && $paramok) {
        // Link the media object to the chosen record; this branch is guarded by $paramok, which is set outside this excerpt.
        // NOTE(review): the looked-up record is used without a null check and no access check on it is visible here - confirm $paramok covers both
        $record = WT_GedcomRecord::getInstance($linktoid);
        // Add a level-1 OBJE pointer to the record.
        // NOTE(review): $mediaid is concatenated straight into GEDCOM text - confirm it was filtered as an XREF (e.g. with WT_REGEX_XREF) so it cannot carry a line break or "@"
        $record->createFact('1 OBJE @' . $mediaid . '@', true);
        $controller->addInlineJavascript('closePopupAndReloadParent();');
    }
    echo '<button onclick="closePopupAndReloadParent();">', WT_I18N::translate('close'), '</button>';
}
Example #4
     // Build the gedcom record
     $newged = "0 @new@ OBJE";
     // NOTE(review): $folderName . $fileName is written either into $text[0] or directly into the FILE line; the validation of both parts is outside this excerpt -
     // confirm neither can contain a line break (which would add GEDCOM lines) or a ".." path segment
     if ($tag[0] == 'FILE') {
         // The admin has an edit field to change the file name
         $text[0] = $folderName . $fileName;
     } else {
         // Users keep the original filename
         $newged .= "\n1 FILE " . $folderName . $fileName;
     }
     // handle_updates() is defined elsewhere; presumably it merges the submitted form fields into the record text - confirm
     $newged = handle_updates($newged);
     $media = WT_GedcomRecord::createRecord($newged, WT_GED_ID);
     if ($linktoid) {
         // Attach the new media object to the record named by $linktoid.
         // NOTE(review): the getInstance() result is used without a null check and no access check on the target record is visible here - confirm both happen upstream
         $record = WT_GedcomRecord::getInstance($linktoid);
         $record->createFact('1 OBJE @' . $media->getXref() . '@', true);
         // NOTE(review): $linktoid is interpolated into the log line; presumably it is request-supplied - confirm it was filtered as an XREF so it cannot forge log entries
         Log::addEditLog('Media ID ' . $media->getXref() . " successfully added to {$linktoid}.");
         $controller->addInlineJavascript('closePopupAndReloadParent();');
     } else {
         Log::addEditLog('Media ID ' . $media->getXref() . ' successfully added.');
         // The new XREF is placed inside a double-quoted JavaScript string without escaping.
         // NOTE(review): safe only while getXref() returns characters that need no escaping in a JS string - confirm
         $controller->addInlineJavascript('openerpasteid("' . $media->getXref() . '");');
     }
     echo '<button onclick="closePopupAndReloadParent();">', WT_I18N::translate('close'), '</button>';
     exit;
 case 'update':
     // Save the information from the “editmedia” action
     $controller->setPageTitle(WT_I18N::translate('Edit media object'));
     // Validate the media folder
     // The visible lines only normalise it: backslashes become "/", leading and trailing "/" are stripped, and "." becomes the empty string.
     // NOTE(review): no rejection of ".." segments is visible in this excerpt - confirm one follows before $folderName is used to build a path
     $folderName = str_replace('\\', '/', $folder);
     $folderName = trim($folderName, '/');
     if ($folderName == '.') {
         $folderName = '';
     }