function submit_item($news, $smessages = false) { $tp = e107::getParser(); $sql = e107::getDb(); $admin_log = e107::getAdminLog(); $pref = e107::getPref(); $e_event = e107::getEvent(); $e107cache = e107::getCache(); $emessage = e107::getMessage(); $error = false; if (empty($news['news_title'])) { $error = true; $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages); if (!empty($news['news_sef'])) { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } else { // first format sef... if (empty($news['news_sef'])) { $news['news_sef'] = eHelper::title2sef($news['news_title']); } else { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } // ...then check it if (empty($news['news_sef'])) { $error = true; $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages); } elseif ($sql->db_Count('news', '(news_id)', ($news['news_sef'] ? 'news_id<>' . intval($news['news_id']) . ' AND ' : '') . "news_sef='" . $tp->toDB($news['news_sef']) . "'")) { $error = true; $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages); } if (empty($news['news_category'])) { $error = true; $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages); } $data = array(); //DB Array $data['data']['news_title'] = $news['news_title']; $data['_FIELD_TYPES']['news_title'] = 'todb'; $data['data']['news_sef'] = $news['news_sef']; $data['_FIELD_TYPES']['news_sef'] = 'todb'; $data['data']['news_body'] = $news['news_body']; $data['_FIELD_TYPES']['news_body'] = 'todb'; $data['data']['news_extended'] = $news['news_extended']; $data['_FIELD_TYPES']['news_extended'] = 'todb'; $data['data']['news_datestamp'] = $news['news_datestamp']; $data['_FIELD_TYPES']['news_datestamp'] = 'int'; $data['data']['news_author'] = $news['news_author'] ? $news['news_author'] : USERID; $data['_FIELD_TYPES']['news_author'] = 'int'; $data['data']['news_category'] = $news['news_category']; $data['_FIELD_TYPES']['news_category'] = 'int'; $data['data']['news_allow_comments'] = $news['news_allow_comments']; $data['_FIELD_TYPES']['news_allow_comments'] = 'int'; $data['data']['news_start'] = $news['news_start']; $data['_FIELD_TYPES']['news_start'] = 'int'; $data['data']['news_end'] = $news['news_end']; $data['_FIELD_TYPES']['news_end'] = 'int'; $data['data']['news_class'] = $news['news_class']; $data['_FIELD_TYPES']['news_class'] = 'todb'; $data['data']['news_render_type'] = $news['news_render_type']; $data['_FIELD_TYPES']['news_render_type'] = 'todb'; //news_comment_total $data['data']['news_summary'] = $news['news_summary']; $data['_FIELD_TYPES']['news_summary'] = 'todb'; $data['data']['news_thumbnail'] = $news['news_thumbnail']; $data['_FIELD_TYPES']['news_thumbnail'] = 'todb'; $data['data']['news_sticky'] = $news['news_sticky']; $data['_FIELD_TYPES']['news_sticky'] = 'int'; $data['data']['news_meta_keywords'] = eHelper::formatMetaKeys($news['news_meta_keywords']); $data['_FIELD_TYPES']['news_meta_keywords'] = 'todb'; $data['data']['news_meta_description'] = eHelper::formatMetaDescription($news['news_meta_description']); //handle bbcodes $data['_FIELD_TYPES']['news_meta_description'] = 'todb'; if ($error) { $data['error'] = true; return $data; } // Calculate short strings for admin logging - no need to clog up the log with potentially long items $logData = $data['data']; if (isset($logData['news_body'])) { $logData['news_body'] = $tp->text_truncate($tp->toDB($logData['news_body']), 300, '...'); } if (isset($logData['news_extended'])) { $logData['news_extended'] = $tp->text_truncate($tp->toDB($logData['news_extended']), 300, '...'); } //XXX - Now hooks are executed only if no mysql error is found. Should it stay so? Seems sensible to me! if ($news['news_id']) { // Updating existing item $data['WHERE'] = 'news_id=' . intval($news['news_id']); //$vals = "news_datestamp = '".intval($news['news_datestamp'])."', ".$author_insert." news_title='".$news['news_title']."', news_body='".$news['news_body']."', news_extended='".$news['news_extended']."', news_category='".intval($news['cat_id'])."', news_allow_comments='".intval($news['news_allow_comments'])."', news_start='".intval($news['news_start'])."', news_end='".intval($news['news_end'])."', news_class='".$tp->toDB($news['news_class'])."', news_render_type='".intval($news['news_rendertype'])."' , news_summary='".$news['news_summary']."', news_thumbnail='".$tp->toDB($news['news_thumbnail'])."', news_sticky='".intval($news['news_sticky'])."' WHERE news_id='".intval($news['news_id'])."' "; if ($sql->db_Update('news', $data)) { e107::getAdminLog()->logArrayAll('NEWS_09', $logData); $data['data']['news_id'] = $news['news_id']; e107::getEvent()->trigger('newsupd', $data['data']); e107::getEvent()->trigger('admin_news_updated', $data['data']); $message = LAN_UPDATED; $emessage->add(LAN_UPDATED, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { if ($sql->getLastErrorNumber()) { $error = true; $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages); $message = "<strong>" . LAN_NEWS_5 . "</strong>"; } else { $data['data']['news_id'] = $news['news_id']; $emessage->add(LAN_NO_CHANGE, E_MESSAGE_INFO, $smessages); $message = "<strong>" . LAN_NO_CHANGE . "</strong>"; //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } } } else { // Adding item $data['data']['news_id'] = $sql->db_Insert('news', $data); $news['news_id'] = $data['data']['news_id']; //$news['news_id'] = $sql ->db_Insert('news', "0, '".$news['news_title']."', '".$news['news_body']."', '".$news['news_extended']."', ".intval($news['news_datestamp']).", ".intval($news['news_author']).", '".intval($news['cat_id'])."', '".intval($news['news_allow_comments'])."', '".intval($news['news_start'])."', '".intval($news['news_end'])."', '".$tp->toDB($news['news_class'])."', '".intval($news['news_rendertype'])."', '0' , '".$news['news_summary']."', '".$tp->toDB($news['news_thumbnail'])."', '".intval($news['news_sticky'])."' ") if ($data['data']['news_id']) { $data['news_id'] = $news['news_id']; $message = LAN_NEWS_6; $emessage->add(LAN_CREATED, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //moved down - prevent wrong mysql_insert_id e107::getAdminLog()->logArrayAll('NEWS_08', $logData); e107::getEvent()->trigger('newspost', $data['data']); e107::getEvent()->trigger('admin_news_created', $data['data']); //XXX - triggerHook after trigger? $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { $error = true; $message = "<strong>" . LAN_NEWS_7 . "</strong>"; $emessage->add(LAN_UPDATED, E_MESSAGE_ERROR, $smessages); } } //return $message; $data['message'] = $message; $data['error'] = $error; return $data; }
public function beforeCreate($new_data) { $new_data['news_thumbnail'] = $this->processThumbs($new_data['news_thumbnail']); if (empty($new_data['news_datestamp'])) { $new_data['news_datestamp'] = time(); } $new_data['news_sef'] = empty($new_data['news_sef']) ? eHelper::title2sef($new_data['news_title']) : eHelper::secureSef($new_data['news_sef']); $tmp = explode(chr(35), $new_data['news_author']); $new_data['news_author'] = intval($tmp[0]); if (E107_DBG_SQLQUERIES) { e107::getMessage()->addInfo("<h3>Raw _POST data</h3>" . print_a($_POST, true)); } return $new_data; }
function submitPage($mode = FALSE, $type = FALSE) { global $e107cache, $admin_log, $e_event; $frm = e107::getForm(); $sql = e107::getDb(); $tp = e107::getParser(); $ns = e107::getRender(); $mes = e107::getMessage(); $page_title = $tp->toDB($_POST['page_title']); // print_a($_POST); // if(is_array($_POST['data']) && is_array($_POST['subtitle'])) $newData = array(); foreach ($_POST as $k => $v) { if (substr($k, 0, 4) == 'data' && trim($v) != '') { list($tm, $key) = explode("_", $k); if ($mode == FALSE) { $newData[] = "[newpage=" . $_POST['page_subtitle'][$key] . "]\n"; } $newData[] = $v; } // return; } // return; $newData = implode("\n\n", $newData); // echo nl2br($newData); $page_text = $tp->toDB($newData); $pauthor = $_POST['page_display_authordate_flag'] ? USERID : 0; // Ideally, this check should be done in the front-end. $update = 0; // Make sure some updates happen $page_sef = ''; $page_metad = ''; $page_metak = ''; if (!$type) { if (!empty($_POST['page_sef'])) { $page_sef = eHelper::secureSef($_POST['page_sef']); } if (empty($page_sef)) { $page_sef = eHelper::title2sef($_POST['page_title']); } if (!empty($_POST['page_metadscr'])) { $page_metad = $tp->toDB(eHelper::formatMetaDescription($_POST['page_metadscr'])); } if (!empty($_POST['page_metakeys'])) { $page_metak = eHelper::formatMetaKeys($_POST['page_metakeys']); } } if (!$type && (!$page_title || !$page_sef)) { e107::getMessage()->addError(CUSLAN_34, 'default', true); e107::getRedirect()->redirect(e_ADMIN_ABS . 'cpage.php'); } // FIXME Causes false positives on Update.. - what is trying to be achieved with this check? /* if(!$type && $sql->db_Count('page', '(page_id)', ($mode ? "page_id != {$mode} AND " : '')."page_sef != '{$page_sef}'")) { e107::getMessage()->addError(CUSLAN_34, 'default', true); e107::getMessage()->addDebug("type=".$type, 'default', true); e107::getMessage()->addDebug("page_title=".$page_title, 'default', true); e107::getMessage()->addDebug("page_sef=".$page_sef, 'default', true); e107::getMessage()->addDebug("Mode=".$mode, 'default', true); e107::getRedirect()->redirect(e_ADMIN_ABS.'cpage.php'); } */ if ($type && empty($_POST['menu_name'])) { e107::getMessage()->addError(CUSLAN_36, 'default', true); e107::getRedirect()->redirect(e_ADMIN_ABS . 'cpage.php'); } if ($mode) { // Saving existing page/menu after edit // Don't think $_POST['page_ip_restrict'] is ever set. $menuname = $type && vartrue($_POST['menu_name']) ? ", page_theme = '" . $tp->toDB($_POST['menu_name']) . "'" : ""; $status = $sql->db_Update("page", "page_title='{$page_title}', page_sef='{$page_sef}', page_chapter='" . intval($_POST['page_chapter']) . "', page_metakeys='{$page_metak}', page_metadscr='{$page_metad}', page_text='{$page_text}', page_datestamp='" . time() . "', page_author='{$pauthor}', page_rating_flag='" . intval($_POST['page_rating_flag']) . "', page_comment_flag='" . intval($_POST['page_comment_flag']) . "', page_password='******'page_password'] . "', page_class='" . $_POST['page_class'] . "', page_ip_restrict='" . varset($_POST['page_ip_restrict'], '') . "', page_template='" . $_POST['page_template'] . "' {$menuname} WHERE page_id='{$mode}'") ? E_MESSAGE_SUCCESS : E_MESSAGE_ERROR; if ($status == E_MESSAGE_SUCCESS) { $update++; } $mes->add($message, $status); $admin_log->log_event('CPAGE_02', $mode . '[!br!]' . $page_title . '[!br!]' . $pauthor, E_LOG_INFORMATIVE, ''); $e107cache->clear("page_{$mode}"); $e107cache->clear("page-t_{$mode}"); $data = array('method' => 'update', 'table' => 'page', 'id' => $mode, 'plugin' => 'page', 'function' => 'submitPage'); $this->message = $e_event->triggerHook($data); if ($type) { $menu_name = $tp->toDB($_POST['menu_name']); // not to be confused with menu-caption. // Need to check whether menu already in table, else we can't distinguish between a failed update and no update needed if ($sql->db_Select('menus', 'menu_name', "`menu_path` = '{$mode}'")) { // Updating existing entry if ($sql->db_Update('menus', "menu_name='{$menu_name}' WHERE menu_path='{$mode}' ") !== FALSE) { $update++; } } } //$url = e107::getUrl()->sc('page/view', array('name' => $tp->post_toForm($_POST['page_title']), 'id' => $mode)); /* // Prevent links being updated in another language unless the table is present. if((($pref['sitelanguage'] != $sql->mySQLlanguage) && ($sql->mySQLlanguage!='')) && ($sql->db_IsLang("links")=='links')) { //echo "DISABLED LINK CREATION"; //echo ' Sitelan='.$pref['sitelanguage']; //echo " Dblang=".$sql->mySQLlanguage; //echo " Links=".$sql->db_IsLang("links"); return; } if ($_POST['page_link']) { // FIXME extremely ugly, just join on created link ID by new field page_link if ($sql->db_Select("links", "link_id", "link_url='".$url."' && link_name!='".$tp->toDB($_POST['page_link'])."'")) { $sql->db_Update("links", "link_name='".$tp->toDB($_POST['page_link'])."' WHERE link_url='".$url."'"); $update++; $e107cache->clear("sitelinks"); } else if (!$sql->db_Select("links", "link_id", "link_url='".$url."'")) { $sql->db_Insert("links", "0, '".$tp->toDB($_POST['page_link'])."', '".$url."', '', '', 1, 0, 0, 0, ".$_POST['page_class']); $update++; $e107cache->clear("sitelinks"); } } else { if ($sql->db_Select("links", "link_id", "link_url='".$url."'")) { $sql->db_Delete("links", "link_url='".$url."'"); $update++; $e107cache->clear("sitelinks"); } }*/ $mes = e107::getMessage(); $mes->autoMessage($update, 'update', LAN_UPDATED, false, false); // Display result of update } else { // New page/menu $menuname = $type ? $tp->toDB($_POST['menu_name']) : ""; $addMsg = $type ? CUSLAN_51 : CUSLAN_27; $info = array('page_title' => $page_title, 'page_sef' => $page_sef, 'page_chapter' => varset($_POST['page_chapter'], 0), 'page_metakeys' => $page_metak, 'page_metadscr' => $page_metad, 'page_text' => $page_text, 'page_author' => $pauthor, 'page_datestamp' => time(), 'page_rating_flag' => varset($_POST['page_rating_flag'], 0), 'page_comment_flag' => varset($_POST['page_comment_flag'], ''), 'page_password' => varset($_POST['page_password'], ''), 'page_class' => varset($_POST['page_class'], e_UC_PUBLIC), 'page_ip_restrict' => '', 'page_theme' => $menuname, 'page_template' => varset($_POST['page_template'], '')); $pid = e107::getMessage()->autoMessage($sql->db_Insert('page', $info), 'insert', $addMsg, LAN_CREATED_FAILED, false); $admin_log->log_event('CPAGE_01', $menuname . '[!br!]' . $page_title . '[!br!]' . $pauthor, E_LOG_INFORMATIVE, ''); if ($type) { $info = array('menu_name' => $menuname, 'menu_location' => 0, 'menu_order' => 0, 'menu_class' => '0', 'menu_pages' => '', 'menu_path' => $pid); e107::getMessage()->autoMessage($sql->db_Insert('menus', $info), 'insert', CUSLAN_52, LAN_CREATED_FAILED, false); } /*if(vartrue($_POST['page_link'])) { //$link = 'page.php?'.$pid; $url = e107::getUrl()->sc('page/view', array('name' => $tp->post_toForm($_POST['page_title']), 'id' => $pid)); if (!$sql->db_Select("links", "link_id", "link_name='".$tp->toDB($_POST['page_link'])."'")) { $linkname = $tp->toDB($_POST['page_link']); $sql->db_Insert("links", "0, '{$linkname}', '{$url}', '', '', 1, 0, 0, 0, ".$_POST['page_class']); $e107cache->clear("sitelinks"); } }*/ $data = array('method' => 'create', 'table' => 'page', 'id' => $pid, 'plugin' => 'page', 'function' => 'submitPage'); $this->message = $e_event->triggerHook($data); } }
function submit_download() { global $e107, $tp, $sql, $DOWNLOADS_DIRECTORY, $e_event; $action = $this->action; $subAction = $this->subAction; $id = $this->id; $sql = e107::getDb(); $tp = e107::getParser(); $fl = e107::getFile(); $mes = e107::getMessage(); $dlInfo = array(); $dlMirrors = array(); if ($subAction == 'edit') { if ($_POST['download_url_external'] == '') { $_POST['download_filesize_external'] = FALSE; } } if (!empty($_POST['download_url_external']) && empty($_POST['download_url']) && !empty($_POST['download_filesize_unit'])) { $dlInfo['download_url'] = $tp->toDB($_POST['download_url_external']); // $filesize = intval($_POST['download_filesize_external']); $filesize = $this->calc_filesize($_POST['download_filesize_external'], $_POST['download_filesize_unit']); } else { $dlInfo['download_url'] = $tp->toDB($_POST['download_url']); if ($_POST['download_filesize_external']) { $filesize = intval($_POST['download_filesize_external']); } else { if (strpos($DOWNLOADS_DIRECTORY, "/") === 0 || strpos($DOWNLOADS_DIRECTORY, ":") >= 1) { $filesize = filesize($DOWNLOADS_DIRECTORY . $dlInfo['download_url']); } elseif ($dlInfo['download_url'][0] == '{') { $filesize = filesize($tp->replaceConstants($dlInfo['download_url'])); } else { $filesize = filesize(e_BASE . $DOWNLOADS_DIRECTORY . $dlInfo['download_url']); } } } if (!$filesize) { if ($sql->select("upload", "upload_filesize", "upload_file='{$dlInfo['download_url']}'")) { $row = $sql->fetch(); $filesize = $row['upload_filesize']; } } $dlInfo['download_filesize'] = $filesize; // ---- Move Images and Files ------------ if ($_POST['move_image']) { if ($_POST['download_thumb']) { $oldname = e_UPLOAD . $_POST['download_thumb']; $newname = e_FILE . "downloadthumbs/" . $_POST['download_thumb']; if (!$this->move_file($oldname, $newname)) { return; } } if ($_POST['download_image']) { $oldname = e_UPLOAD . $_POST['download_image']; $newname = e_FILE . "downloadimages/" . $_POST['download_image']; if (!$this->move_file($oldname, $newname)) { return; } } } if ($_POST['move_file'] && $_POST['download_url']) { $oldname = e_UPLOAD . $_POST['download_url']; $newname = $_POST['move_file'] . $_POST['download_url']; if (!$this->move_file($oldname, $newname)) { return; } $dlInfo['download_url'] = str_replace(e_DOWNLOAD, "", $newname); } // ------------------------------------------ $dlInfo['download_description'] = $tp->toDB($_POST['download_description']); $dlInfo['download_name'] = $tp->toDB($_POST['download_name']); $dlInfo['download_sef'] = vartrue($_POST['download_sef']) ? eHelper::secureSef($_POST['download_sef']) : eHelper::title2sef($_POST['download_name']); $dlInfo['download_keywords'] = $tp->toDB($_POST['download_keywords']); $dlInfo['download_author'] = $tp->toDB($_POST['download_author']); $dlInfo['download_author_email'] = $tp->toDB($_POST['download_author_email']); $dlInfo['download_author_website'] = $tp->toDB($_POST['download_author_website']); $dlInfo['download_category'] = intval($_POST['download_category']); $dlInfo['download_active'] = intval($_POST['download_active']); $dlInfo['download_thumb'] = $tp->toDB($_POST['download_thumb']); $dlInfo['download_image'] = $tp->toDB($_POST['download_image']); $dlInfo['download_comment'] = $tp->toDB($_POST['download_comment']); $dlInfo['download_class'] = $tp->toDB($_POST['download_class']); $dlInfo['download_visible'] = $tp->toDB($_POST['download_visible']); $dlInfo['download_datestamp'] = e107::getDate()->convert($_POST['download_datestamp'], 'inputdate'); if ($_POST['update_datestamp']) { $dlInfo['download_datestamp'] = time(); } $mirrorStr = ""; $mirrorFlag = FALSE; // See if any mirrors defined // Need to check all the possible mirror names - might have deleted the first one if we're in edit mode if (count($_POST['download_mirror_name'])) { foreach ($_POST['download_mirror_name'] as $mn) { if ($mn) { $mirrorFlag = TRUE; break; } } } if ($mirrorFlag) { $mirrors = count($_POST['download_mirror_name']); $mirrorArray = array(); $newMirrorArray = array(); if ($id && $sql->select('download', 'download_mirror', 'download_id = ' . $id)) { if ($row = $sql->fetch()) { $mirrorArray = $this->makeMirrorArray($row['download_mirror'], TRUE); } } for ($a = 0; $a < $mirrors; $a++) { $mid = trim($_POST['download_mirror_name'][$a]); $murl = trim($_POST['download_mirror'][$a]); $msize = trim($_POST['download_mirror_size'][$a]); if ($mid && $murl) { $newMirrorArray[$mid] = array('id' => $mid, 'url' => $murl, 'requests' => 0, 'filesize' => $msize); if (DOWNLOAD_DEBUG && !$id) { $newMirrorArray[$mid]['requests'] = intval($_POST['download_mirror_requests'][$a]); } } } // Now copy across any existing usage figures foreach ($newMirrorArray as $k => $m) { if (isset($mirrorArray[$k])) { $newMirrorArray[$k]['requests'] = $mirrorArray[$k]['requests']; } } $mirrorStr = $this->compressMirrorArray($newMirrorArray); } $dlMirrors['download_mirror'] = $mirrorStr; $dlMirrors['download_mirror_type'] = intval($_POST['download_mirror_type']); if ($id) { // Process triggers before calling admin_update so trigger messages can be shown $data = array('method' => 'update', 'table' => 'download', 'id' => $id, 'plugin' => 'download', 'function' => 'update_download'); $hooks = $e107->e_event->triggerHook($data); $mes->add($hooks, E_MESSAGE_SUCCESS); $updateArray = array_merge($dlInfo, $dlMirrors); $updateArray['WHERE'] = 'download_id=' . intval($id); $mes->addAuto($sql->db_Update('download', $updateArray), 'update', DOWLAN_2 . " (<a href='" . e_PLUGIN . "download/download.php?view." . $id . "'>" . $_POST['download_name'] . "</a>)"); $dlInfo['download_id'] = $id; $this->downloadLog('DOWNL_06', $dlInfo, $dlMirrors); $dlInfo['download_datestamp'] = $time; // This is what 0.7 did, regardless of settings unset($dlInfo['download_class']); // Also replicating 0.7 $e_event->trigger('dlupdate', $dlInfo); // @deprecated e107::getEvent()->trigger('admin_download_update', $dlInfo); } else { if ($download_id = $sql->insert('download', array_merge($dlInfo, $dlMirrors))) { // Process triggers before calling admin_update so trigger messages can be shown $data = array('method' => 'create', 'table' => 'download', 'id' => $download_id, 'plugin' => 'download', 'function' => 'create_download'); $hooks = $e107->e_event->triggerHook($data); $mes->add($hooks, E_MESSAGE_SUCCESS); $mes->addAuto($download_id, 'insert', DOWLAN_1 . " (<a href='" . e_PLUGIN . "download/download.php?view." . $download_id . "'>" . $_POST['download_name'] . "</a>)"); $dlInfo['download_id'] = $download_id; $this->downloadLog('DOWNL_05', $dlInfo, $dlMirrors); $dlInfo['download_datestamp'] = $time; // This is what 0.7 did, regardless of settings unset($dlInfo['download_class']); // Also replicating 0.7 $e_event->trigger("dlpost", $dlInfo); // @deprecated e107::getEvent()->trigger('admin_download_create', $dlInfo); if ($_POST['remove_upload']) { $sql->db_Update("upload", "upload_active='1' WHERE upload_id='" . $_POST['remove_id'] . "'"); $mess = "<br/>" . $_POST['download_name'] . " " . DOWLAN_104; $mess .= "<br/><br/><a href='" . e_ADMIN . "upload.php'>" . DOWLAN_105 . "</a>"; $this->show_message($mess); } } } }
public function beforeCreate($new_data) { $new_data['news_thumbnail'] = $this->processThumbs($new_data['news_thumbnail']); if (empty($new_data['news_datestamp'])) { $new_data['news_datestamp'] = time(); } $new_data['news_sef'] = empty($new_data['news_sef']) ? eHelper::title2sef($new_data['news_title']) : eHelper::secureSef($new_data['news_sef']); $tmp = explode(chr(35), $new_data['news_author']); $new_data['news_author'] = intval($tmp[0]); return $new_data; }
function beforeCreate($newdata, $olddata) { $newdata['menu_name'] = preg_replace('/[^\\w-*]/', '-', $newdata['menu_name']); if (empty($newdata['page_sef'])) { if (!empty($newdata['page_title'])) { $newdata['page_sef'] = eHelper::title2sef($newdata['page_title']); } elseif (!empty($newdata['menu_name'])) { $newdata['page_sef'] = eHelper::title2sef($newdata['menu_name']); } } else { $newdata['page_sef'] = eHelper::secureSef($newdata['page_sef']); } $sef = e107::getParser()->toDB($newdata['page_sef']); if (e107::getDb()->count('page', '(*)', "page_sef='{$sef}'")) { e107::getMessage()->addError(CUSLAN_57); return false; } return $newdata; }
function submit_item($news, $smessages = false) { $tp = e107::getParser(); $sql = e107::getDb(); $admin_log = e107::getAdminLog(); $pref = e107::getPref(); $e_event = e107::getEvent(); $e107cache = e107::getCache(); $emessage = e107::getMessage(); $error = false; if (empty($news['news_title'])) { $error = true; $emessage->add('Validation error: News title can\'t be empty!', E_MESSAGE_ERROR, $smessages); if (!empty($news['news_sef'])) { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } else { // first format sef... if (empty($news['news_sef'])) { $news['news_sef'] = eHelper::title2sef($news['news_title']); } else { $news['news_sef'] = eHelper::secureSef($news['news_sef']); } } // ...then check it if (empty($news['news_sef'])) { $error = true; $emessage->add('Validation error: News SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR, $smessages); } elseif ($sql->db_Count('news', '(news_id)', ($news['news_sef'] ? 'news_id<>' . intval($news['news_id']) . ' AND ' : '') . "news_sef='" . $tp->toDB($news['news_sef']) . "'")) { $error = true; $emessage->add('Validation error: News SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR, $smessages); } if (empty($news['news_category'])) { $error = true; $emessage->add('Validation error: News category can\'t be empty!', E_MESSAGE_ERROR, $smessages); } $data = array(); //DB Array $data['data']['news_title'] = $news['news_title']; $data['_FIELD_TYPES']['news_title'] = 'todb'; $data['data']['news_sef'] = $news['news_sef']; $data['_FIELD_TYPES']['news_sef'] = 'todb'; $data['data']['news_body'] = $news['news_body']; $data['_FIELD_TYPES']['news_body'] = 'todb'; $data['data']['news_extended'] = $news['news_extended']; $data['_FIELD_TYPES']['news_extended'] = 'todb'; $data['data']['news_datestamp'] = $news['news_datestamp']; $data['_FIELD_TYPES']['news_datestamp'] = 'int'; $data['data']['news_author'] = $news['news_author'] ? $news['news_author'] : USERID; $data['_FIELD_TYPES']['news_author'] = 'int'; $data['data']['news_category'] = $news['news_category']; $data['_FIELD_TYPES']['news_category'] = 'int'; $data['data']['news_allow_comments'] = $news['news_allow_comments']; $data['_FIELD_TYPES']['news_allow_comments'] = 'int'; $data['data']['news_start'] = $news['news_start']; $data['_FIELD_TYPES']['news_start'] = 'int'; $data['data']['news_end'] = $news['news_end']; $data['_FIELD_TYPES']['news_end'] = 'int'; $data['data']['news_class'] = $news['news_class']; $data['_FIELD_TYPES']['news_class'] = 'todb'; $data['data']['news_render_type'] = $news['news_render_type']; $data['_FIELD_TYPES']['news_render_type'] = 'todb'; //news_comment_total $data['data']['news_summary'] = $news['news_summary']; $data['_FIELD_TYPES']['news_summary'] = 'todb'; $data['data']['news_thumbnail'] = $news['news_thumbnail']; $data['_FIELD_TYPES']['news_thumbnail'] = 'todb'; $data['data']['news_sticky'] = $news['news_sticky']; $data['_FIELD_TYPES']['news_sticky'] = 'int'; $data['data']['news_meta_keywords'] = eHelper::formatMetaKeys($news['news_meta_keywords']); $data['_FIELD_TYPES']['news_meta_keywords'] = 'todb'; $data['data']['news_meta_description'] = eHelper::formatMetaDescription($news['news_meta_description']); //handle bbcodes $data['_FIELD_TYPES']['news_meta_description'] = 'todb'; if ($error) { $data['error'] = true; return $data; } // Calculate short strings for admin logging - no need to clog up the log with potentially long items $logData = $data['data']; if (isset($logData['news_body'])) { $logData['news_body'] = $tp->text_truncate($tp->toDB($logData['news_body']), 300, '...'); } if (isset($logData['news_extended'])) { $logData['news_extended'] = $tp->text_truncate($tp->toDB($logData['news_extended']), 300, '...'); } //XXX - Now hooks are executed only if no mysql error is found. Should it stay so? Seems sensible to me! if ($news['news_id']) { // Updating existing item $data['WHERE'] = 'news_id=' . intval($news['news_id']); //$vals = "news_datestamp = '".intval($news['news_datestamp'])."', ".$author_insert." news_title='".$news['news_title']."', news_body='".$news['news_body']."', news_extended='".$news['news_extended']."', news_category='".intval($news['cat_id'])."', news_allow_comments='".intval($news['news_allow_comments'])."', news_start='".intval($news['news_start'])."', news_end='".intval($news['news_end'])."', news_class='".$tp->toDB($news['news_class'])."', news_render_type='".intval($news['news_rendertype'])."' , news_summary='".$news['news_summary']."', news_thumbnail='".$tp->toDB($news['news_thumbnail'])."', news_sticky='".intval($news['news_sticky'])."' WHERE news_id='".intval($news['news_id'])."' "; if ($sql->db_Update('news', $data)) { e107::getAdminLog()->logArrayAll('NEWS_09', $logData); $data['data']['news_id'] = $news['news_id']; e107::getEvent()->trigger('newsupd', $data['data']); $message = LAN_NEWS_21; $emessage->add(LAN_NEWS_21, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { if ($sql->getLastErrorNumber()) { $error = true; $emessage->add(LAN_NEWS_5, E_MESSAGE_ERROR, $smessages); $message = "<strong>" . LAN_NEWS_5 . "</strong>"; } else { $data['data']['news_id'] = $news['news_id']; $emessage->add(LAN_NEWS_46, E_MESSAGE_INFO, $smessages); $message = "<strong>" . LAN_NEWS_46 . "</strong>"; //FIXME - triggerHook should return array(message, message_type) $evdata = array('method' => 'update', 'table' => 'news', 'id' => $news['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add(e107::getEvent()->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } } } else { // Adding item $data['data']['news_id'] = $sql->db_Insert('news', $data); $news['news_id'] = $data['data']['news_id']; //$news['news_id'] = $sql ->db_Insert('news', "0, '".$news['news_title']."', '".$news['news_body']."', '".$news['news_extended']."', ".intval($news['news_datestamp']).", ".intval($news['news_author']).", '".intval($news['cat_id'])."', '".intval($news['news_allow_comments'])."', '".intval($news['news_start'])."', '".intval($news['news_end'])."', '".$tp->toDB($news['news_class'])."', '".intval($news['news_rendertype'])."', '0' , '".$news['news_summary']."', '".$tp->toDB($news['news_thumbnail'])."', '".intval($news['news_sticky'])."' ") if ($data['data']['news_id']) { $data['news_id'] = $news['news_id']; $message = LAN_NEWS_6; $emessage->add(LAN_NEWS_6, E_MESSAGE_SUCCESS, $smessages); e107::getCache()->clear('news.php'); //moved down - prevent wrong mysql_insert_id e107::getAdminLog()->logArrayAll('NEWS_08', $logData); e107::getEvent()->trigger('newspost', $data['data']); //XXX - triggerHook after trigger? $evdata = array('method' => 'create', 'table' => 'news', 'id' => $data['data']['news_id'], 'plugin' => 'news', 'function' => 'submit_item'); $emessage->add($e_event->triggerHook($evdata), E_MESSAGE_INFO, $smessages); } else { $error = true; $message = "<strong>" . LAN_NEWS_7 . "</strong>"; $emessage->add(LAN_NEWS_7, E_MESSAGE_ERROR, $smessages); } } /* FIXME - trackback should be hooked! */ if ($news['news_id'] && $pref['trackbackEnabled']) { $excerpt = e107::getParser()->text_truncate(strip_tags(e107::getParser()->post_toHTML($news['news_body'])), 100, '...'); // $id=mysql_insert_id(); $permLink = $e107->base_path . "comment.php?comment.news." . intval($news['news_id']); require_once e_PLUGIN . "trackback/trackbackClass.php"; $trackback = new trackbackClass(); if ($_POST['trackback_urls']) { $urlArray = explode("\n", $_POST['trackback_urls']); foreach ($urlArray as $pingurl) { if (!($terror = $trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt))) { $message .= "<br />successfully pinged {$pingurl}."; $emessage->add("Successfully pinged {$pingurl}.", E_MESSAGE_SUCCESS, $smessages); } else { $message .= "<br />was unable to ping {$pingurl}<br />[ Error message returned was : '{$terror}'. ]"; $emessage->add("was unable to ping {$pingurl}<br />[ Error message returned was : '{$terror}'. ]", E_MESSAGE_ERROR, $smessages); } } } if (isset($_POST['pingback_urls'])) { if ($urlArray = $trackback->getPingUrls($news['news_body'])) { foreach ($urlArray as $pingurl) { if ($trackback->sendTrackback($permLink, $pingurl, $news['news_title'], $excerpt)) { $message .= "<br />successfully pinged {$pingurl}."; $emessage->add("Successfully pinged {$pingurl}.", E_MESSAGE_SUCCESS, $smessages); } else { $message .= "Pingback to {$pingurl} failed ..."; $emessage->add("Pingback to {$pingurl} failed ...", E_MESSAGE_ERROR, $smessages); } } } else { $message .= "<br />No pingback addresses were discovered"; $emessage->add("No pingback addresses were discovered", E_MESSAGE_INFO, $smessages); } } } /* end trackback */ //return $message; $data['message'] = $message; $data['error'] = $error; return $data; }
function _observe_update_category() { if (!getperms('0|7')) { $this->noPermissions(); } $this->setId(intval($_POST['category_id'])); if (!$this->getId()) { return; } //FIXME - lan, e_model based news administration model $this->error = false; if (empty($_POST['category_name'])) { $this->show_message('Validation Error: Missing Category name', E_MESSAGE_ERROR); $this->error = true; if (!empty($_POST['category_sef'])) { $_POST['category_sef'] = eHelper::secureSef($_POST['category_sef']); } } else { // first format sef... if (empty($_POST['category_sef'])) { $_POST['category_sef'] = eHelper::title2sef($_POST['category_name']); } else { $_POST['category_sef'] = eHelper::secureSef($_POST['category_sef']); } } // ...then check it if (empty($_POST['category_sef'])) { $this->error = true; $this->show_message('Validation error: News Category SEF URL value is required field and can\'t be empty!', E_MESSAGE_ERROR); } elseif (e107::getDb()->db_Count('news_category', '(category_id)', "category_id<>" . $this->getId() . " AND category_sef='" . (e107::getParser()->toDB($_POST['category_sef']) . "'"))) { $this->error = true; $this->show_message('Validation error: News Category SEF URL is unique field - current value already in use! Please choose another SEF URL value.', E_MESSAGE_ERROR); } if (!$this->error) { $updatea = array(); $updatea['data']['category_icon'] = $_POST['category_icon']; $updatea['_FIELD_TYPES']['category_icon'] = 'todb'; $updatea['data']['category_name'] = $_POST['category_name']; $updatea['_FIELD_TYPES']['category_name'] = 'todb'; $updatea['data']['category_sef'] = $_POST['category_sef']; $updatea['_FIELD_TYPES']['category_sef'] = 'todb'; $updatea['data']['category_meta_description'] = strip_tags($_POST['category_meta_description']); $updatea['_FIELD_TYPES']['category_meta_description'] = 'str'; $updatea['data']['category_meta_keywords'] = $_POST['category_meta_keywords']; $updatea['_FIELD_TYPES']['category_meta_keywords'] = 'str'; $updatea['data']['category_manager'] = $_POST['category_manager']; $updatea['_FIELD_TYPES']['category_manager'] = 'int'; $updatea['data']['category_order'] = $_POST['category_order']; $updatea['_FIELD_TYPES']['category_order'] = 'int'; $updatea['WHERE'] = 'category_id=' . $this->getId(); $inserta = array(); $rid = 0; $upcheck = e107::getDb()->db_Update("news_category", $updatea); $rwupcheck = false; if ($upcheck || !e107::getDb()->getLastErrorNumber()) { if ($upcheck || $rwupcheck) { //admin log now supports DB array and method chaining $updatea['data']['category_id'] = $this->getId(); if ($upcheck) { e107::getAdminLog()->log_event('NEWS_05', $updatea['data'], E_LOG_INFORMATIVE, ''); } if ($rwupcheck && $inserta['data']) { e107::getAdminLog()->log_event('NEWS_10', $inserta['data'], E_LOG_INFORMATIVE, ''); } $this->show_message(NWSLAN_36, E_MESSAGE_SUCCESS); $this->clear_cache(); //TODO - add to WIKI docs e107::getEvent()->trigger("newscatupd", array_merge($updatea['data'], $inserta['data'])); } else { $this->show_message(LAN_NO_CHANGE); } $this->setId(0); } else { $this->error = true; $this->setSubAction('edit'); $this->show_message('mySQL Error detected!', E_MESSAGE_ERROR); $this->show_message('#' . e107::getDb()->getLastErrorNumber() . ': ' . e107::getDb()->getLastErrorText(), E_MESSAGE_DEBUG); return; } } }