$AdminUI->disp_html_head(); // Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions) $AdminUI->disp_body_top(); if ($blog) { // We want to look at a specific blog: // Begin payload block: // This div is to know where to display the message after overlay close: echo '<div class="first_payload_block">' . "\n"; $AdminUI->disp_payload_begin(); echo '<h2 class="page-title">' . $Blog->dget('name') . '</h2>'; echo '<div class="row browse"><div class="col-lg-9 col-xs-12 floatleft">'; load_class('items/model/_itemlist.class.php', 'ItemList'); $block_item_Widget = new Widget('dash_item'); $nb_blocks_displayed = 0; $blog_moderation_statuses = explode(',', $Blog->get_setting('moderation_statuses')); $highest_publish_status = get_highest_publish_status('comment', $Blog->ID, false); $user_modeartion_statuses = array(); foreach ($blog_moderation_statuses as $status) { if ($status !== $highest_publish_status && $current_User->check_perm('blog_comment!' . $status, 'edit', false, $blog)) { $user_modeartion_statuses[] = $status; } } $user_perm_moderate_cmt = count($user_modeartion_statuses); if ($user_perm_moderate_cmt) { /* * COMMENTS: */ $CommentList = new CommentList2($Blog); // Filter list: $CommentList->set_filters(array('types' => array('comment', 'trackback', 'pingback'), 'statuses' => $user_modeartion_statuses, 'user_perm' => 'moderate', 'post_statuses' => array('published', 'community', 'protected'), 'order' => 'DESC', 'comments' => 30)); // Set param prefix for URLs
/**
 * Echo a "publish" moderation link for this comment when the current user may raise its status.
 *
 * The link targets the highest status that get_highest_publish_status() reports for the
 * current user in the blog of this comment's Item. Nothing is echoed when the visitor is
 * not logged in, has no edit permission on the comment in its current status, or when that
 * highest status is not more public than the comment's current status.
 *
 * NOTE(review): these checks only decide whether the link is displayed. The code that
 * handles the 'publish' action is not visible here and must enforce the same permissions
 * on its own; hiding the link does not protect anything.
 *
 * TODO: asimo> Use params array instead of so many param
 *
 * @param string to display before link
 * @param string to display after link
 * @param string link text ('#' = icon followed by the publish text of the target status)
 * @param string link title ('#' = publish text of the target status)
 * @param string class name
 * @param string glue between url params
 * @param boolean save context?
 * @param boolean true if create AJAX button
 * @param string|NULL value forwarded to get_moderation_link() as 'redirect_to'
 * @return boolean TRUE - if the publish link is available
 */
function publish_link($before = ' ', $after = ' ', $text = '#', $title = '#', $class = '', $glue = '&', $save_context = true, $ajax_button = false, $redirect_to = NULL)
{
    global $current_User;

    // Both conditions must hold; the permission check is only evaluated for a logged in user.
    $may_edit_comment = is_logged_in(false)
        && $current_User->check_perm('comment!CURSTATUS', 'edit', false, $this);
    if (!$may_edit_comment) {
        return false;
    }

    $this->get_Item();
    $comment_blog_ID = $this->Item->get_blog_ID();

    // Highest status the current user can publish comments with in the blog of the comment's item.
    list($top_status, $top_status_label) = get_highest_publish_status('comment', $comment_blog_ID);
    if (compare_visibility_status($top_status, $this->status) <= 0) {
        // The comment cannot be moved to a more public status by this user.
        return false;
    }

    $ordered_statuses = get_visibility_statuses('ordered-array');
    $status_positions = get_visibility_statuses('ordered-index', array('redirected'));

    // Green arrow by default; element [3] of the ordered status entry overrides it when set.
    $icon_color = 'green';
    if (isset($status_positions[$top_status])) {
        $position = $status_positions[$top_status];
        if (isset($ordered_statuses[$position]) && !empty($ordered_statuses[$position][3])) {
            $icon_color = $ordered_statuses[$position][3];
        }
    }

    // '#' is the placeholder for "use the default text / title".
    if ($text == '#') {
        $link_text = get_icon('move_up_' . $icon_color, 'imgtag') . ' ' . $top_status_label;
    } else {
        $link_text = $text;
    }
    $link_title = ($title == '#') ? $top_status_label : $title;

    // Display the publish link
    echo $this->get_moderation_link(array(
        'before' => $before,
        'after' => $after,
        'text' => $link_text,
        'title' => $link_title,
        'class' => $class,
        'glue' => $glue,
        'save_context' => $save_context,
        'ajax_button' => $ajax_button,
        'redirect_to' => $redirect_to,
        'status' => $top_status,
        'action' => 'publish',
    ));

    return true;
}
// Comment rating: $Comment->set('rating', $comment_rating); } $Comment->set('author_IP', $Hit->IP); $Comment->set('date', $now); $Comment->set('content', $comment); // Renderers: if (param('renderers_displayed', 'integer', 0)) { // use "renderers" value only if it has been displayed (may be empty) global $Plugins; $comment_renderers = param('renderers', 'array/string', array()); $renderers = $Plugins->validate_renderer_list($comment_renderers, array('Comment' => &$Comment)); $Comment->set_renderers($renderers); } // Def status will be the highest publish status what the current User ( or anonymous user if there is no current user ) can post $def_status = get_highest_publish_status('comment', $commented_Item->Blog->ID, false); $Comment->set('status', $def_status); if ($action != 'preview') { /* * Flood-protection * NOTE: devs can override the flood protection delay in /conf/_overrides_TEST.php * TODO: Put time check into query? * TODO: move that as far !!UP!! as possible! We want to waste minimum resources on Floods * TODO: have several thresholds. For example: * 1 comment max every 30 sec + 5 comments max every 10 minutes + 15 comments max every 24 hours * TODO: factorize with trackback */ $query = 'SELECT MAX(comment_date) FROM T_comments WHERE comment_author_IP = ' . $DB->quote($Hit->IP) . ' OR comment_author_email = ' . $DB->quote($Comment->get_author_email());
if ($commented_Item->can_rate()) { // Comment rating: $Comment->set('rating', $comment_rating); } $Comment->set('author_IP', $Hit->IP); $Comment->set('date', $now); $Comment->set('content', $comment); // Renderers: if (param('renderers_displayed', 'integer', 0)) { // use "renderers" value only if it has been displayed (may be empty) global $Plugins; $renderers = $Plugins->validate_renderer_list($comment_renderers, array('Comment' => &$Comment)); $Comment->set_renderers($renderers); } // Def status will be the highest publish status what the current User ( or anonymous user if there is no current user ) can post $def_status = $Comment->is_meta() ? 'published' : get_highest_publish_status('comment', $commented_Item->Blog->ID, false); $Comment->set('status', $def_status); if ($action != 'preview') { /* * Flood-protection * NOTE: devs can override the flood protection delay in /conf/_overrides_TEST.php * TODO: Put time check into query? * TODO: move that as far !!UP!! as possible! We want to waste minimum resources on Floods * TODO: have several thresholds. For example: * 1 comment max every 30 sec + 5 comments max every 10 minutes + 15 comments max every 24 hours * TODO: factorize with trackback */ $query = 'SELECT MAX(comment_date) FROM T_comments WHERE comment_author_IP = ' . $DB->quote($Hit->IP) . ' OR comment_author_email = ' . $DB->quote($Comment->get_author_email());
/**
 * Display the Preview, Save and quick-publish buttons of the post edit form.
 *
 * Side effects visible in this function: sets the globals $next_action and
 * $highest_publish_status, and assigns $edited_Item->status when it was not set.
 *
 * NOTE(review): the hidden 'publish_status' field and the "display: none" style are
 * presentation only. Both come back from the browser on submit, so the handler of the
 * '..._publish' action (not visible here) must recompute the allowed status itself.
 *
 * @param object Form
 * @param boolean Is creating action
 * @param object edited Item
 * @param boolean Is in-skin editing
 * @param boolean TRUE to display a preview button
 */
function echo_publish_buttons($Form, $creating, $edited_Item, $inskin = false, $display_preview = false)
{
    global $Blog, $current_User; // $current_User is declared but not read in this function
    global $next_action, $highest_publish_status; // needs to be passed out for echo_publishnowbutton_js( $action )

    // ---------- PREVIEW ----------
    $show_preview = !$inskin || $display_preview;
    if ($show_preview) {
        $preview_base_url = url_same_protocol($Blog->get('url')); // was dynurl
        // NOTE(review): the URL is placed between single quotes inside an onclick handler
        // without escaping; this assumes the collection URL contains no quote characters.
        $preview_onclick = 'b2edit_open_preview(this.form, \'' . $preview_base_url . '\');';
        $Form->button(array('button', '', T_('Preview'), 'PreviewButton', $preview_onclick));
    }

    // ---------- SAVE ----------
    if ($creating) {
        $next_action = 'create';
    } else {
        $next_action = 'update';
    }

    if (!$inskin) {
        // Show Save & Edit only on admin mode
        $Form->submit(array('actionArray[' . $next_action . '_edit]', T_('Save & edit'), 'SaveEditButton'));
    }

    $Form->submit(array('actionArray[' . $next_action . ']', T_('Save'), 'SaveButton'));

    // ---------- PUBLISH ----------
    list($highest_publish_status, $publish_label) = get_highest_publish_status('post', $Blog->ID);

    if (!isset($edited_Item->status)) {
        // No status yet: start from the highest status this user can publish with.
        $edited_Item->status = $highest_publish_status;
    }

    // Original intent: only allow 1 click publication from draft mode. The test below shows
    // the button whenever the item status differs from the highest publish status.
    $quick_publish_css = ($edited_Item->status != $highest_publish_status)
        ? 'display: inline'
        : 'display: none';

    $Form->hidden('publish_status', $highest_publish_status);
    $Form->submit(array('actionArray[' . $next_action . '_publish]', $publish_label, 'SaveButton', '', $quick_publish_css));
}
$Form->hidden('item_priority', $edited_Item->priority); $Form->hidden('item_assigned_user_ID', $edited_Item->assigned_user_ID); $Form->hidden('item_st_ID', $edited_Item->pst_ID); $Form->hidden('item_deadline', $edited_Item->datedeadline); } $Form->hidden('trackback_url', $trackback_url); $Form->hidden('item_featured', $edited_Item->featured); $Form->hidden('item_hideteaser', $edited_Item->get_setting('hide_teaser')); $Form->hidden('expiry_delay', $edited_Item->get_setting('comment_expiry_delay')); $Form->hidden('goal_ID', $edited_Item->get_setting('goal_ID')); $Form->hidden('item_order', $edited_Item->order); $creator_User = $edited_Item->get_creator_User(); $Form->hidden('item_owner_login', $creator_User->login); $Form->hidden('item_owner_login_displayed', 1); } elseif (!isset($edited_Item->status)) { $highest_publish_status = get_highest_publish_status('post', $Blog->ID, false); $edited_Item->set('status', $highest_publish_status); } if ($current_User->check_perm('admin', 'restricted')) { // These fields can be edited only by users which have an access to back-office if ($current_User->check_perm('blog_edit_ts', 'edit', false, $Blog->ID)) { // Time stamp field values $Form->hidden('item_dateset', $edited_Item->get('dateset')); $Form->hidden('item_issue_date', mysql2localedate($edited_Item->get('issue_date'))); $Form->hidden('item_issue_time', substr($edited_Item->get('issue_date'), 11)); } // Tags $Form->hidden('item_tags', $item_tags); $Form->hidden('suggest_item_tags', $UserSettings->get('suggest_item_tags')); } $disp_edit_categories = true;
/**
 * Echo a link that publishes this post with the highest public status available to the current User.
 *
 * No link is echoed when the visitor is not logged in, when the post status is already at
 * or above that highest status, when the highest status is not above 'private', or when the
 * user has no 'edit' permission on this post for the target status.
 *
 * Recognised keys of $params (defaults are merged in below): 'before', 'after', 'text'
 * ('#' = publish text of the target status), 'before_text', 'after_text', 'title', 'class',
 * 'glue', 'save_context', 'redirect_to'.
 *
 * NOTE(review): 'title', 'class', 'before', 'after', 'before_text', 'after_text' and 'text'
 * are concatenated into the markup as given; only 'redirect_to' is encoded. Callers have to
 * pass values that are already safe for HTML output - confirm none forwards request data.
 * NOTE(review): the permission tests only control display; the handler of 'action=publish'
 * is not visible here and has to repeat them.
 *
 * @param array link display params
 * @return boolean true if link was displayed false otherwise
 */
function highest_publish_link($params = array())
{
    global $current_User, $admin_url;

    if (!is_logged_in(false)) {
        return false;
    }

    $defaults = array(
        'before' => '',
        'after' => '',
        'text' => '#',
        'before_text' => '',
        'after_text' => '',
        'title' => '',
        'class' => '',
        'glue' => '&',
        'save_context' => true,
        'redirect_to' => '',
    );
    $params = array_merge($defaults, $params);

    $current_permvalue = get_status_permvalue($this->status);

    // Highest publish status of the current User in the blog of this item
    list($target_status, $target_status_label) = get_highest_publish_status('post', $this->get_blog_ID());
    $target_permvalue = get_status_permvalue($target_status);

    if ($current_permvalue >= $target_permvalue) {
        // The post is already at least as public as the user could make it.
        return false;
    }
    if ($target_permvalue <= get_status_permvalue('private')) {
        // The best available status is not above 'private': nothing more public to offer.
        return false;
    }

    if (!$current_User->check_perm('item_post!' . $target_status, 'edit', false, $this)) {
        // User has no right to edit this post
        return false;
    }

    $glue = $params['glue'];

    // Query string of the back-office publish action; url_crumb('item') supplies the last part.
    $href = $admin_url . '?' . implode($glue, array(
        'ctrl=items',
        'action=publish',
        'post_status=' . $target_status,
        'post_ID=' . $this->ID,
        url_crumb('item'),
    ));

    if ($params['redirect_to']) {
        // An explicit redirect target takes precedence over the saved context.
        $href .= $glue . 'redirect_to=' . rawurlencode($params['redirect_to']);
    } elseif ($params['save_context']) {
        $href .= $glue . 'redirect_to=' . rawurlencode(regenerate_url('', '', '', '&'));
    }

    $class_attr = '';
    if (!empty($params['class'])) {
        $class_attr = ' class="' . $params['class'] . '"';
    }

    $link_text = ($params['text'] == '#') ? $target_status_label : $params['text'];

    echo $params['before']
        . '<a href="' . $href . '" title="' . $params['title'] . '"' . $class_attr . '>'
        . $params['before_text'] . $link_text . $params['after_text']
        . '</a>'
        . $params['after'];

    return true;
}
/**
 * Create comment form submit buttons
 *
 * The Save button is always displayed. The publish button is always emitted too, but it is
 * only made visible when the comment can be moved to a more public status by the current User.
 *
 * Side effect visible here: sets the global $highest_publish_status.
 *
 * NOTE(review): the hidden 'publish_status' field and the "display: none" style are
 * client-side only. A hidden button can still be submitted, so the 'update_publish'
 * handler (not visible here) has to re-check the permission and the target status.
 *
 * @param object Form
 * @param object edited Comment
 */
function echo_comment_buttons($Form, $edited_Comment)
{
    global $Blog, $current_User, $highest_publish_status;

    // ---------- SAVE ------------
    $Form->submit(array('actionArray[update]', T_('Save!'), 'SaveButton'));

    // ---------- PUBLISH ---------
    list($highest_publish_status, $publish_label) = get_highest_publish_status('comment', $Blog->ID);

    $comment_permvalue = get_status_permvalue($edited_Comment->status);
    $highest_permvalue = get_status_permvalue($highest_publish_status);

    $Form->hidden('publish_status', $highest_publish_status);

    // The permission check runs last and only when the two cheaper tests pass.
    $may_publish_higher = $comment_permvalue < $highest_permvalue
        && $highest_publish_status != 'draft'
        && $current_User->check_perm('comment!' . $highest_publish_status, 'edit', false, $edited_Comment);

    // User may publish this comment with a "more public" status => show the button
    $publish_css = $may_publish_higher ? 'display: inline' : 'display: none';

    $Form->submit(array('actionArray[update_publish]', $publish_label, 'SaveButton', '', $publish_css));
}
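/**
 * Display buttons to update a post
 *
 * Emits, in this order: the Preview button, the visibility selector (back-office only),
 * the Save buttons and, when enabled, the quick "Publish!" button.
 *
 * Side effects visible in this function: sets the globals $next_action and
 * $highest_publish_status, and assigns $edited_Item->status when it was not set.
 *
 * NOTE(review): 'post_status', the hidden 'publish_status' field and the "display: none"
 * style are all values and presentation controlled by the browser on submit. The list of
 * offered statuses is filtered here for display; the code that handles the submitted
 * action (not visible here) must validate the requested status against the user's
 * permissions again.
 *
 * @param object Form
 * @param boolean Is creating action
 * @param object edited Item
 * @param boolean Is in-skin editing
 * @param boolean TRUE to display a preview button
 */
function echo_publish_buttons($Form, $creating, $edited_Item, $inskin = false, $display_preview = false)
{
    global $Blog, $current_User, $UserSettings;
    global $next_action, $highest_publish_status; // needs to be passed out for echo_publishnowbutton_js( $action )

    // Only the status is needed here; the quick publish button uses a fixed label.
    list($highest_publish_status) = get_highest_publish_status('post', $Blog->ID);
    if (!isset($edited_Item->status)) {
        // No status yet: start from the highest status this user can publish with.
        $edited_Item->status = $highest_publish_status;
    }

    // ---------- PREVIEW ----------
    if (!$inskin || $display_preview) {
        $url = url_same_protocol($Blog->get('url')); // was dynurl
        // NOTE(review): the URL is placed between single quotes inside an onclick handler
        // without escaping; this assumes the collection URL contains no quote characters.
        $Form->button(array('button', '', T_('Preview'), 'PreviewButton', 'b2edit_open_preview(this.form, \'' . $url . '\');'));
    }

    // ---------- VISIBILITY ----------
    if (!$inskin) {
        // Only for back-office
        global $AdminUI;

        echo '<span class="edit_actions_text">' . T_('Visibility') . get_manual_link('visibility-status') . ': </span>';

        // Get those statuses which are not allowed for the current User to create posts in this blog
        $exclude_statuses = array_merge(get_restricted_statuses($Blog->ID, 'blog_post!', 'create'), array('trash'));
        // Get allowed visibility statuses
        $status_options = get_visibility_statuses('', $exclude_statuses);

        if (isset($AdminUI, $AdminUI->skin_name) && $AdminUI->skin_name == 'bootstrap') {
            // Use dropdown for bootstrap skin
            $status_icon_options = get_visibility_statuses('icons', $exclude_statuses);
            $Form->hidden('post_status', $edited_Item->status);

            // The item's current status can be one of the excluded statuses, in which case
            // it has no entry in $status_options. Fall back to the raw status key instead
            // of reading an undefined index and showing an empty label.
            $current_status_title = isset($status_options[$edited_Item->status])
                ? $status_options[$edited_Item->status]
                : $edited_Item->status;

            echo '<div class="btn-group dropup post_status_dropdown">';
            echo '<button type="button" class="btn btn-status-' . $edited_Item->status . ' dropdown-toggle" data-toggle="dropdown" aria-expanded="false" id="post_status_dropdown">'
                . '<span>' . $current_status_title . '</span>'
                . ' <span class="caret"></span></button>';
            echo '<ul class="dropdown-menu" role="menu" aria-labelledby="post_status_dropdown">';
            foreach ($status_options as $status_key => $status_title) {
                echo '<li rel="' . $status_key . '" role="presentation"><a href="#" role="menuitem" tabindex="-1">' . $status_icon_options[$status_key] . ' <span>' . $status_title . '</span></a></li>';
            }
            echo '</ul>';
            echo '</div>';
        } else {
            // Use standard select element for other skins
            // NOTE(review): when the item's current status is excluded, no option carries
            // "selected" here - confirm what the form then submits as post_status.
            echo '<select name="post_status">';
            foreach ($status_options as $status_key => $status_title) {
                echo '<option value="' . $status_key . '"'
                    . ($edited_Item->status == $status_key ? ' selected="selected"' : '')
                    . ' class="btn-status-' . $status_key . '">' . $status_title . '</option>';
            }
            echo '</select>';
        }
    }

    echo '<span class="btn-group">';

    // ---------- SAVE ----------
    $next_action = $creating ? 'create' : 'update';
    if (!$inskin && $current_User->check_perm('item_post!CURSTATUS', 'edit', false, $edited_Item)) {
        // Show Save & Edit only on admin mode
        $Form->submit(array('actionArray[' . $next_action . '_edit]', T_('Save & edit'), 'SaveEditButton btn-status-' . $edited_Item->status));
    }

    if ($inskin) {
        // Front-office: display a save button with title depending on post status
        $button_titles = get_visibility_statuses('button-titles');
        $button_title = isset($button_titles[$edited_Item->status]) ? T_($button_titles[$edited_Item->status]) : T_('Save Changes!');
    } else {
        // Use static button title on back-office
        $button_title = T_('Save');
    }
    $Form->submit(array('actionArray[' . $next_action . ']', $button_title, 'SaveButton btn-status-' . $edited_Item->status));

    echo '</span>';

    $Form->hidden('publish_status', $highest_publish_status);

    if ($highest_publish_status == 'published' && $UserSettings->get_collection_setting('show_quick_publish', $Blog->ID)) {
        // Display this button to make a post published
        // Only allow publishing if in draft mode. Other modes are too special to run the risk of 1 click publication.
        // The button is emitted in both cases and only hidden by style when the item
        // already has the highest publish status.
        $publish_style = $edited_Item->status == $highest_publish_status ? 'display: none' : 'display: inline';
        $Form->submit(array('actionArray[' . $next_action . '_publish]', T_('Publish!'), 'SaveButton btn-status-published quick-publish', '', $publish_style));
    }
}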