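/**
 * Commit a discussion form submission: edit, rate, reply or new post.
 *
 * Runs only when $_REQUEST['commit'] is set and discussion is enabled in $cfg
 * (or the session's ltype is 'admin'). All input comes from $_REQUEST and
 * $_SESSION; validation failures are reported through error() / $error.
 *
 * Order of work:
 *  1. require a subject and content, and a numeric (or empty) rating;
 *  2. when nobody is logged in, validate the visitor name and e-mail and
 *     create a 'visitor' user record;
 *  3. perform the action named in $_REQUEST['discuss'];
 *  4. when $mailposts == 1, call $this->sendemail() with the new post id.
 *
 * NOTE(review): this function checks no anti-CSRF token, and $_REQUEST also
 * carries GET parameters; confirm the caller restricts both.
 * NOTE(review): `=& new` and ereg() are PHP 4/5 constructs that no longer
 * exist in PHP 7+; they are left as the rest of the file uses them.
 *
 * @return false|null false when validation fails or an edit is refused,
 *                    otherwise no explicit return value.
 */
function _commithttpdata() {
    global $sid, $error, $_full_uri;
    global $mailposts, $cfg;
    //require_once("htmleditor/editor.inc.php");

    // Nothing to commit unless asked to, and unless discussion is enabled
    // (admins may post even when it is disabled).
    if (!($_REQUEST['commit'] && ($cfg['disable_discussion'] != TRUE || $_SESSION['ltype'] == 'admin'))) {
        return;
    }

    $site = $_REQUEST['site'];
    $a = $_REQUEST['discuss'];

    // Defined up front so the later reads never hit an undefined variable.
    $visitor_id = null;
    $newid = null;

    // presumably error() records its message in the global $error that is
    // tested below; it is defined outside this block, so confirm.
    if (!$_REQUEST['subject']) {
        error("You must enter a subject.\n");
    }
    if (!$_REQUEST['content']) {
        error("You must enter some text to post.\n");
    }
    if (isset($_REQUEST['rating']) && !is_numeric($_REQUEST['rating']) && $_REQUEST['rating'] != "") {
        $error = "Post rating must be numeric.\n";
    }
    if ($error) {
        unset($_REQUEST['commit']);
        return false;
    }

    /******************************************************************************
     * if public discussion and no log in then add user to user table
     * uname = email address, type = visitor
     *
     * NOTE(review): this runs for every anonymous commit, whatever the action,
     * so an anonymous 'edit' or 'rate' request also creates an account and
     * triggers $obj->sendemail(). Consider limiting it to 'reply'/'newpost'
     * and rate-limiting it.
     ******************************************************************************/
    if (empty($_SESSION['auser'])) {
        // Treat a missing or non-string (e.g. array) parameter as empty so the
        // string checks below always see a string.
        $visitor_email = (isset($_REQUEST['visitor_email']) && is_string($_REQUEST['visitor_email']))
            ? $_REQUEST['visitor_email']
            : '';

        if (user::userEmailExists($visitor_email)) {
            error("A user with that email address already exists. \nPlease log in before posting.");
        }

        /******************************************************************************
         * Visitor account validation:
         * check that a name has been entered
         * check that the email entered doesn't already exist in Segue and
         * is not part of the $cfg['visitor_email_excludes'] specified in the config
         ******************************************************************************/
        if (!$_REQUEST['visitor_name']) {
            error("You must enter a username.");
        }

        // The address must contain "@". CR, LF and NUL are rejected as well,
        // because the value is handed to $obj->sendemail() below; if that
        // builds mail headers from it, embedded line breaks would let a
        // visitor add headers (sendemail() is not visible here).
        if (!$visitor_email
            || strpos($visitor_email, '@') === false
            || preg_match('/[\r\n\0]/', $visitor_email)
        ) {
            error("You must enter a valid email address.");
        } else {
            // Institutional addresses must log in instead of posting as a
            // visitor. The patterns are POSIX regexes taken from the config.
            $excludes = isset($cfg['visitor_email_excludes']) ? $cfg['visitor_email_excludes'] : array();
            foreach ((array) $excludes as $visitor_email_exclude) {
                if (ereg($visitor_email_exclude, $visitor_email)) {
                    error("Please log in above with your {$cfg['inst_name']} account.");
                }
            }
        }

        // all good
        if (!$error) {
            $obj =& new user();
            $obj->uname = $visitor_email;
            $obj->fname = $_REQUEST['visitor_name'];
            $obj->email = $visitor_email;
            $obj->type = "visitor";
            $obj->authtype = 'db';
            // NOTE(review): the meaning of randpass(5, 3) and its randomness
            // source are not visible here; confirm the generated password is
            // long and unpredictable enough.
            $obj->randpass(5, 3);
            $obj->insertDB();
            $obj->sendemail();
            $visitor_id = lastid();
        }
    }

    if ($error) {
        unset($_REQUEST['commit']);
        return false;
    }

    if ($a == 'edit') {
        $d =& new discussion($_REQUEST['story']);
        $d->fetchID($_REQUEST['id']);
        // Only the author may edit. The empty() test keeps an anonymous
        // request from passing the loose comparison when the fetched post has
        // an empty authoruname (for example when no post was found).
        if (empty($_SESSION['auser']) || $_SESSION['auser'] != $d->authoruname) {
            return false;
        }
        // NOTE(review): the subject is stored as submitted while the content
        // goes through cleanEditorText(); confirm the subject is escaped
        // wherever it is displayed.
        $d->subject = $_REQUEST['subject'];
        $d->content = cleanEditorText($_REQUEST['content']);
        $d->content = convertInteralLinksToTags($site, $d->content);
        $d->update();
        //log_entry("discussion","$_SESSION[auser] edited story ".$_REQUEST['story']." discussion post id ".$_REQUEST['id']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
        unset($_REQUEST['discuss'], $_REQUEST['commit']);
        //unset($d);
    }

    if ($a == 'rate') {
        // NOTE(review): unlike 'edit', no ownership or role check is visible
        // here, so any request that reaches this point can set the rating of
        // the post named by $_REQUEST['id']. Confirm who may rate and enforce
        // it before update().
        $d =& new discussion($_REQUEST['story']);
        $d->fetchID($_REQUEST['id']);
        $d->rating = $_REQUEST['rating'];
        $d->update();
        //log_entry("discussion","$_SESSION[auser] edited story ".$_REQUEST['story']." discussion post id ".$_REQUEST['id']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
        unset($_REQUEST['discuss'], $_REQUEST['commit']);
        // unset($d);
    }

    if ($a == 'reply' || $a == 'newpost') {
        $d =& new discussion($_REQUEST['story']);
        $d->subject = $_REQUEST['subject'];
        // Lets pass the cleaning of editor text off to the editor.
        $d->content = cleanEditorText($_REQUEST['content']);
        $d->content = convertInteralLinksToTags($site, $d->content);
        if ($a == 'reply') {
            $d->parentid = $_REQUEST['replyto'];
            //log_entry("discussion","$_SESSION[auser] replied to story ".$_REQUEST['story']." discussion post id ".$_REQUEST['replyto']." in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
        } else {
            //log_entry("discussion","$_SESSION[auser] posted to story ".$_REQUEST['story']." discussion in site ".$_REQUEST['site'],$_REQUEST['site'],$_REQUEST['story'],"story");
        }
        // Logged-in author if there is one, otherwise the visitor just created.
        $d->authorid = $_SESSION['aid'] ? $_SESSION['aid'] : $visitor_id;
        $d->authorfname = $_SESSION['afname'] ? $_SESSION['afname'] : $_REQUEST['visitor_name'];
        // NOTE(review): replyto, libraryfileid, story and id reach the
        // discussion object unvalidated; confirm its insert()/update()/fetchID()
        // bind or escape them.
        $d->libraryfileid = $_REQUEST['libraryfileid'];
        $newid = $d->insert();
    }

    /******************************************************************************
     * gather data for sendmail function
     ******************************************************************************/
    if ($mailposts == 1) {
        //printpre("email sending...");
        // NOTE(review): $newid is only set by 'reply'/'newpost'; for 'edit'
        // and 'rate' sendemail() receives null, as in the original.
        $this->sendemail($newid);
    }
    unset($_REQUEST['discuss'], $_REQUEST['commit']);
}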
/****************************************************************************** * Save ******************************************************************************/ if ($_REQUEST[save] && ($cfg['disable_edit_content'] != TRUE || $_SESSION['ltype'] == 'admin')) { if (!$error) { // save it to the database print "<br /><br />" . $_SESSION[settings][sitename] . "<br /><br />"; /****************************************************************************** * replace media library urls with $mediapath/$sitename/filename * replace specific url with general url ******************************************************************************/ $mod_header = convertInteralLinksToTags($_SESSION[settings][sitename], $_SESSION[siteObj]->getField("header")); $mod_footer = convertInteralLinksToTags($_SESSION[settings][sitename], $_SESSION[siteObj]->getField("footer")); // Lets pass the cleaning of editor text off to the editor. $mod_header = cleanEditorText($mod_header); $mod_footer = cleanEditorText($mod_footer); $_SESSION[siteObj]->setField("header", $mod_header); $_SESSION[siteObj]->setField("footer", $mod_footer); if ($_SESSION[settings][add]) { $_SESSION[siteObj]->insertDB(); log_entry("add_site", "{$_SESSION['auser']} added " . $_SESSION[siteObj]->name, $_SESSION[siteObj]->name, $_SESSION[siteObj]->id, "site"); } if ($_SESSION[settings][edit]) { $_SESSION[siteObj]->updateDB(1); log_entry("edit_site", "{$_SESSION['auser']} edited " . $_SESSION[siteObj]->name, $_SESSION[siteObj]->name, $_SESSION[siteObj]->id, "site"); } /* ----------------------------------------------------- */ /* will have to update this to use object-related site copy functions */ // --- Copy the Template on add --- if ($_SESSION[settings][add] && $_SESSION[settings][template] != "") { /* copySite($_SESSION[settings][template],$_SESSION[siteObj]->getField("name")); */
/****************************************************************************** * replace media library urls with $mediapath/$sitename/filename * replace specific url with general url ($linkpath) ******************************************************************************/ if ($_SESSION[storyObj]->getField("type") == "link") { $url = $_SESSION[storyObj]->getField("url"); $url = convertInteralLinksToTags($_SESSION[settings][site], $url); // save general mediapath and internal_linkpath to object $_SESSION[storyObj]->setField("url", $url); } // Lets pass the cleaning of editor text off to the editor. $texttype = $_SESSION[storyObj]->getField("texttype"); $text = $_SESSION[storyObj]->getField("longertext"); // $text = convertWikiMarkupToLinks($_SESSION[settings][site],$_SESSION[settings][section],$_SESSION[settings][page], $page_title, $text); $text = convertInteralLinksToTags($_SESSION[settings][site], $text); $text = cleanEditorText($text, $texttype); $_SESSION[storyObj]->setField("longertext", $text); // check make sure the owner is the current user if they are changing permissions /* if ($site_owner != $_SESSION[auser]) { */ /* if ($_SESSION[settings][edit]) $_SESSION[storyObj]->buildPermissionsArray(); */ /* else $_SESSION[storyObj]->setPermissions($thisPage->getPermissions()); */ /* } */ /****************************************************************************** * Save: calls insertDB and updateDB functions ******************************************************************************/ if ($_SESSION[settings][add]) { $_SESSION[storyObj]->insertDB(); log_entry("add_story", "{$_SESSION['auser']} added content id " . $_SESSION[storyObj]->id . " in site " . $_SESSION[storyObj]->owning_site . ", section " . $_SESSION[storyObj]->owning_section . ", page " . $_SESSION[storyObj]->owning_page, $_SESSION[storyObj]->owning_site, $_SESSION[storyObj]->id, "story"); } if ($_SESSION[settings][edit]) { $_SESSION[storyObj]->updateDB();