/**
 * Drafts collection endpoint.
 *
 * Behaviour depends on the request:
 *  - method 'post' with $_POST['theme']: if the theme is one of the installed
 *    themes, clear the 'draft' flag on all drafts, flag the draft for that
 *    theme path as the active one (optionally re-initialising its navigation
 *    from $_POST['refresh']), save it and redirect to /drafts.
 *  - method 'delete' with $_POST['theme']: delete the draft stored for that
 *    path, if any, then terminate the request.
 *  - anything else (and a 'post' naming an unknown theme): respond with the
 *    list of drafts whose theme is installed.
 *
 * NOTE(review): both state-changing branches act on request data with no
 * token or permission check visible in this method; presumably the
 * controller enforces authentication / CSRF protection before dispatch.
 * Confirm against the base class.
 */
function index()
{
    // $params / $id are parsed for parity with other endpoints; unused here.
    list($params, $id) = $this->parse_params(func_get_args());

    $theme_reader = new Theme();
    $installed = $theme_reader->read(true);

    $verb = $this->method;
    $has_theme = isset($_POST['theme']);

    if ($verb == 'post' && $has_theme) {
        $wanted = $_POST['theme'];
        // Only theme keys returned by Theme::read() are accepted, so the
        // request value never reaches the Draft row unchecked.
        if (isset($installed[$wanted])) {
            $active = new Draft();
            // Exactly one draft is flagged active at a time.
            $active->where('draft', 1)->update('draft', 0);
            $active->where('path', $wanted)->get();
            $active->path = $wanted;
            $active->draft = 1;
            if (isset($_POST['refresh'])) {
                $active->init_draft_nav($_POST['refresh']);
            }
            $active->save();
            $this->redirect('/drafts');
        }
        // An unknown theme raises no error; execution continues to the listing.
    } elseif ($verb == 'delete' && $has_theme) {
        // Unlike the 'post' branch, the path is not checked against the
        // installed themes; it is only used as a lookup value.
        $doomed = new Draft();
        $doomed->where('path', $_POST['theme'])->get();
        if ($doomed->exists()) {
            $doomed->delete();
        }
        exit;
    }

    $listing = array();
    $finder = new Draft();
    foreach ($finder->get_iterated() as $row) {
        // Drafts whose theme is no longer installed are left out.
        if (!isset($installed[$row->path])) {
            continue;
        }
        $listing[] = array(
            'id' => $row->id,
            'theme' => $installed[$row->path],
            'published' => (bool) $row->current,
            'active' => (bool) $row->draft,
            'created_on' => (int) $row->created_on,
            'modified_on' => (int) $row->modified_on,
        );
    }

    $this->set_response_data($listing);
}
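/**
 * Publish a draft: copy its data to live_data, mark it as the current draft
 * and, when the theme ships a koken.guid file, register the theme with the
 * store.
 *
 * Responds with error 400 when no draft id is given or the request is not a
 * POST, and with 404 when the draft does not exist. On success the request
 * is terminated with exit after the (best-effort) store registration.
 *
 * @param mixed $draft_id Id of the draft to publish; false when absent.
 */
function publish($draft_id = false)
{
    if (!$draft_id) {
        $this->error('400', 'Draft ID parameter not present.');
        return;
    }

    if ($this->method !== 'post') {
        $this->error('400', 'This endpoint only accepts tokenized POST requests.');
        return;
    }

    $draft = new Draft();
    $draft->where('id', $draft_id)->get();
    if (!$draft->exists()) {
        $this->error('404', "Draft not found.");
        return;
    }

    // Only one draft may be current: clear the flag everywhere, then set it here.
    $draft->where('current', 1)->update('current', 0);
    $draft->live_data = $draft->data;
    $draft->current = 1;
    $draft->save();

    $guid = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'themes' . DIRECTORY_SEPARATOR . $draft->path . DIRECTORY_SEPARATOR . 'koken.guid';
    if (file_exists($guid)) {
        $theme_guid = file_get_contents($guid);
        // Skip registration rather than send an empty theme id if the file
        // cannot be read.
        if ($theme_guid !== false) {
            $s = new Setting();
            $s->where('name', 'uuid')->get();

            // Percent-encode both values so that neither the stored uuid nor
            // the contents of a theme-supplied file can add or alter query
            // parameters.
            $url = KOKEN_STORE_URL . '/register?uuid=' . rawurlencode((string) $s->value)
                . '&theme=' . rawurlencode(trim($theme_guid));

            $curl = curl_init();
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_HEADER, 0);
            curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
            // The original set these two options on an undefined $ch, so they
            // never reached this handle (and curl_setopt() on a non-handle is
            // a TypeError on PHP 8). Apply them to $curl, and keep peer
            // verification on: the request carries the installation uuid.
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
            // Best effort: the response is not inspected.
            curl_exec($curl);
            curl_close($curl);
        }
    }
    exit;
}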
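/**
 * AJAX entry point of the HTML5 editor. Normal page output is disabled and a
 * JSON document is printed instead, depending on the 'eaction' request value:
 *
 *  - get-vars:     edit token, edit time, a draft token and the id of the
 *                  user's first existing draft for the target title (0 if none).
 *  - load-draft:   parsed HTML of the draft named by 'draftid'.
 *  - save-draft:   converts the posted HTML to wikitext and stores it as a
 *                  draft; requires a matching edit token.
 *  - save-summary: rewrites the comment of the revision named by the RevId
 *                  cookie, restricted to rows by the current user name.
 *  - publish-html: converts the posted HTML to wikitext and saves it as an
 *                  edit; requires a matching edit token, a 14-digit edit time
 *                  and no permission errors.
 *
 * Any other action returns without output.
 *
 * NOTE(review): 'load-draft' and 'save-summary' check no edit token here, and
 * 'load-draft' / 'save-draft' use a request-supplied draft id with no
 * ownership check visible in this method. Confirm that Draft enforces
 * ownership, otherwise one user can read or overwrite another user's draft.
 *
 * @param mixed $par Unused.
 */
function execute($par)
{
    global $wgOut, $wgRequest, $wgParser, $wgUser, $wgFilterCallback, $wgCookiePath, $wgCookieDomain, $wgCookieSecure;

    $wgOut->disable();

    // build the article which we are about to save
    // NOTE(review): the result of Title::newFromUrl() is used without a check;
    // confirm how an invalid 'target' is handled.
    $t = Title::newFromUrl($wgRequest->getVal('target'));
    $a = new Article($t);
    $action = $wgRequest->getVal('eaction');
    wfDebug("Html5Editor::execute called with {$action}\n");

    // process the edit update
    if ($action == 'get-vars') {
        $wgOut->disable();
        $response = array(
            'edittoken' => $wgUser->editToken(),
            'edittime' => $a->getTimestamp(true),
            'drafttoken' => wfGenerateToken(),
            'olddraftid' => 0,
        );

        // do they already have a draft saved?
        $drafts = Draft::getDrafts($t, $wgUser->getID());
        if ($drafts) {
            // do we only select an html5 draft? probably not.
            // only the first draft is reported; multiple drafts of the same
            // article are not displayed yet
            $response['olddraftid'] = $drafts[0]->getID();
        }
        print json_encode($response);
        return;
    } elseif ($action == 'load-draft') {
        $draftid = $wgRequest->getVal('draftid');
        $draft = new Draft($draftid);
        if (!$draft->exists()) {
            wfLoadExtensionMessages("Html5editor");
            $response = array('error' => wfMsg('h5e-draft-does-not-exist', $draftid), 'html' => '');
            wfDebug("DRAFT: {$draftid} does not exist \n");
        } else {
            $text = $draft->getText();
            $html = $this->parse($t, $a, $text);
            // 'error' must be a quoted key: the bare word is an undefined
            // constant (a fatal Error on PHP 8).
            $response = array('error' => '', 'html' => $html);
        }
        print json_encode($response);
        return;
    } elseif ($action == 'save-draft') {
        $token = $wgRequest->getVal('edittoken');
        if (!$wgUser->matchEditToken($token)) {
            // NOTE(review): the rejected, request-supplied token is written
            // to the debug log verbatim.
            wfDebug("Html5Editor::execute save-draft edit token BAD {$token} \n");
            $response = array('error' => 'edit token bad');
            print json_encode($response);
            return;
        }

        wfDebug("Html5Editor::execute save-draft edit token ok!\n");
        $oldtext = $a->getContent();
        $html = $wgRequest->getVal('html');
        $newtext = $this->convertHTML2Wikitext($html, $oldtext);
        $draftid = $wgRequest->getVal('draftid', null);
        $draft = null;

        // 'null' apparently is what javascript is giving us. doh.
        // Anything that is not purely digits is replaced by a lookup on the title.
        if (!$draftid || preg_match("@[^0-9]@", $draftid)) {
            wfDebug("Html5Editor::execute getting draft id from title \n");
            $draftid = self::getDraftIDFromTitle($t);
        }
        if (!$draftid || $draftid == 'null') {
            $draft = new Draft();
        } else {
            $draft = Draft::newFromID($draftid);
        }
        wfDebug("Html5Editor::execute got draft id {$draftid} \n");

        $draft->setTitle($t);
        //$draft->setStartTime( $wgRequest->getText( 'wpStarttime' ) );
        $draft->setEditTime($wgRequest->getText('edittime'));
        $draft->setSaveTime(wfTimestampNow());
        $draft->setText($newtext);
        $draft->setSummary($wgRequest->getText('editsummary'));
        $draft->setHtml5(true);
        //$draft->setMinorEdit( $wgRequest->getInt( 'wpMinoredit', 0 ) );

        // Save draft
        $draft->save();
        // NOTE(review): the full draft text goes to the debug log.
        wfDebug("Html5Editor::execute saved draft with id {$draft->getID()} and text {$newtext} \n");
        $response = array('draftid' => $draft->getID());
        print json_encode($response);
        return;
    } elseif ($action == 'save-summary') {
        // this implementation could have a few problems
        // 1. if a user is editing the article in separate windows, it will
        //    only update the last edit
        // 2. Could be easy to fake an edit summary save, but is limited to
        //    edits made by the user
        // 3. There's no real 'paper' trail of the saved summary

        // grab the cookie with the rev_id; the value is client-controlled and
        // is only constrained by the rev_user_text / rc_user_text conditions
        global $wgCookiePrefix;
        $cookie_name = "{$wgCookiePrefix}RevId" . $t->getArticleID();
        if (isset($_COOKIE[$cookie_name])) {
            $revid = $_COOKIE[$cookie_name];
            wfDebug("AXX: updating revcomment {$revid} \n");
            $dbw = wfGetDB(DB_MASTER);
            $summary = "updating from html5 editor, " . $wgRequest->getVal('summary');
            $dbw->update(
                'revision',
                array('rev_comment' => $summary),
                array('rev_id' => $revid, 'rev_user_text' => $wgUser->getName()),
                "Html5Editor::saveComment",
                array("LIMIT" => 1)
            );
            $dbw->update(
                'recentchanges',
                array('rc_comment' => $summary),
                array('rc_this_oldid' => $revid, 'rc_user_text' => $wgUser->getName()),
                "Html5Editor::saveComment",
                array("LIMIT" => 1)
            );
        } else {
            wfDebug("AXX: NOT updating revcomment, why\n");
        }
        return;
    } elseif ($action == 'publish-html') {
        // check the edit token
        $token = $wgRequest->getVal('edittoken');
        if (!$wgUser->matchEditToken($token)) {
            $response = array('error' => wfMsg('sessionfailure'));
            print json_encode($response);
            return;
        }

        // check the edit time and check for a conflict
        $edittime = $wgRequest->getVal('edittime');
        if (!preg_match('/^\\d{14}$/', $edittime)) {
            $edittime = null;
        }
        if (!$edittime) {
            $response = array('error' => 'missing or invalid edit time');
            print json_encode($response);
            return;
        }

        if ($response = $this->getPermissionErrors($t)) {
            print json_encode($response);
            return;
        }

        $newArticle = !$t->exists();
        $a = new Article($t);

        // check for edit conflict
        // if( $this->mArticle->getTimestamp() != $this->edittime ) {
        //     $this->isConflict = true;
        // }

        // now ... let's convert the HTML back into wikitext... holy crap, we are nuts
        $oldtext = $a->getContent();
        $html = $wgRequest->getVal('html');
        $newtext = $this->convertHTML2Wikitext($html, $oldtext);

        // filter callback?
        if ($wgFilterCallback && $wgFilterCallback($t, $newtext, null)) {
            # Error messages or other handling should be performed by the filter function
            $response = array('error' => self::$spam_message, 'html' => $html);
            print json_encode($response);
            return;
        }

        // do the save
        // TODO: check for conflicts (obviously)
        if ($a->doEdit($newtext, $wgRequest->getVal('summary') . " (HTML5) ")) {
            //$alerts = new MailAddress("*****@*****.**");
            //UserMailer::send($alerts, $alerts, "HTML5 Ouput for {$t->getText()}", "{$t->getFullURL()}?action=history \n HTML: " . trim($html) . "\n\nwikitext:\n $newtext\n\n\nUser: "******"\n\n\n\nPOST: " . print_r($_POST, true) );
            $r = Revision::newFromTitle($t);
            $this->setRevCookie($t, $r);
            #$html = WikihowArticleHTML::postProcess($wgOut->parse($newtext));
            $html = $this->parse($t, $a, $newtext);

            // Create an anon attribution cookie
            if ($newArticle && $wgUser->getId() == 0) {
                setcookie('aen_anon_newarticleid', $a->getId(), time() + 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure);
            }
            // quoted 'error' key, see load-draft
            $response = array('error' => '', 'html' => $html);
            print json_encode($response);
            return;
        }

        $response = array('error' => 'Error saving', 'html' => '');
        print json_encode($response);
        return;
    }

    return;
}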